Notifications
Clear all
Topic starter
22/06/2026 10:00 am
TL;DR: PAM vendors are being judged on AI-driven privilege controls, runtime analysis, and integration depth across human, machine, and AI identities, according to Delinea’s Frost Radar recognition from Frost & Sullivan. The strategic issue for identity teams is no longer vaulting alone but whether privilege governance can keep pace with continuously changing actors and access paths.
NHIMG editorial — based on content published by Delinea: Delinea Named a Growth and Innovation Leader in Frost Radar™: Privileged Access Management 2026
By the numbers:
- Delinea’s platform includes over 600 prebuilt integrations across more than 145 vendors.
Questions worth separating out
Q: How should organisations govern privileged access for AI agents and machine identities?
A: Treat AI agents and machine identities as governed privilege holders, not background systems.
Q: Why do standing privileges create more risk in hybrid environments?
A: Standing privileges persist across sessions, platforms, and operational handoffs, which expands the window for misuse.
Q: How do security teams know whether Zero Standing Privilege is working?
A: Look for evidence that elevation is issued only when needed, expires automatically, and cannot be reused outside the approved task.
Practitioner guidance
- Reassess PAM as a runtime control layer Map every privileged decision point where access is granted, extended, or revoked during execution.
- Inventory standing privilege across machine and AI identities Identify service accounts, workload identities, and agentic access paths that retain privilege between tasks.
- Test whether telemetry can spot active privilege misuse Validate that logs and alerts can distinguish expected automation from abnormal session behaviour in real time.
What's in the full analysis
Delinea's full post covers the operational detail this post intentionally leaves for the source:
- The specific Frost Radar evaluation dimensions used to score PAM vendors, including market share, ecosystem integration, and R&D investment
- Details on the platform capabilities behind the recognition, such as credential vaulting, session monitoring, and AI-powered auditing
- The vendor's own description of its AI agent discovery and identity analytics roadmap
- The deployment and integration claims that support its platform depth narrative in hybrid environments
👉 Read Delinea's analysis of its Frost Radar PAM 2026 recognition →
PAM and AI-era privilege control: what practitioners need to re-evaluate?
Explore further
22/06/2026 10:43 am
PAM is being evaluated as runtime identity governance, not just privileged credential storage. The Frost Radar emphasis on AI-driven controls, JIT access, and integration depth reflects a market that now expects PAM to govern access at the moment of use. That shift matters because the old definition of PAM assumed privilege was a static condition. Practitioners should read this as a move from vault management to continuous privilege control.
A few things that frame the scale:
- 97% of NHIs carry excessive privileges, increasing unauthorised access and broadening the attack surface, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which means most teams cannot confidently map where privilege actually exists.
A question worth separating out:
Q: What should IAM teams change when PAM expands beyond admin access?
A: They should connect PAM policy to identity lifecycle, telemetry, and entitlement review so privilege is governed continuously rather than only at approval time. That requires shared ownership across IAM, IGA, and security operations. The practical goal is to understand where privilege lives, how it is used, and what removes it.
👉 Read our full editorial: PAM market consolidation is shifting toward AI-era privilege control
