Subscribe to the Non-Human & AI Identity Journal

Notifications
Clear all

Palo Alto Networks and CyberArk: what this means for identity security


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 12212
Topic starter  

TL;DR: Palo Alto Networks’ planned $25B acquisition of CyberArk signals that identity security has moved from a set of point controls into a platform category, while AI, machine identities, and lateral movement keep widening the attack surface, according to Silverfort. The practical shift is that IAM, PAM, NHI, and AI governance can no longer be treated as separate programmes with separate risk models.

NHIMG editorial — based on content published by Silverfort: Palo Alto Networks' planned acquisition of CyberArk and what it means for identity security

By the numbers:

  • Palo Alto Networks announced its intention to acquire CyberArk for $25B.
  • According to research from analyst Francis Odum, 93% of breaches are preventable through improved identity security controls.

Questions worth separating out

Q: How should security teams govern identity risk across humans, service accounts, and AI systems?

A: Teams should govern identity risk by separating lifecycle management from abuse prevention and by mapping controls to the actor type involved.

Q: Why do point solutions struggle to contain identity attacks?

A: Point solutions struggle because identity attacks rarely stay inside one control category.

Q: What breaks when AI agents are governed like machine identities?

A: What breaks is the assumption that the identity's behaviour is stable enough to be modelled at provisioning time.

Practitioner guidance

  • Map identity controls by actor type Inventory where your current programme treats humans, service accounts, and AI agents with the same control design.
  • Trace privileged pathways across silos Walk one real access path from authentication to elevation to lateral movement and record which product owns each step.
  • Re-evaluate static credential dependence Review where service accounts, API keys, and tokens still provide persistent access to production systems.

What's in the full article

Silverfort's full blog covers the operational detail this post intentionally leaves for the source:

  • How Silverfort positions identity security versus identity infrastructure across PAM, MFA, NHI, ITDR, and IGA.
  • The vendor's own view on why AI-driven identity risk changes the market timing for platform consolidation.
  • The article's internal argument for decoupling identity protection from traditional IAM silos.
  • Context on how Silverfort frames the CyberArk acquisition as a category inflection point.

👉 Read Silverfort's analysis of the CyberArk acquisition and identity security shift →

Palo Alto Networks and CyberArk: what this means for identity security?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 11787
 

Identity security is becoming the governing layer above IAM, not a feature inside it. The article is right to separate identity security from identity infrastructure, because managing identities and protecting identities are different jobs. IAM creates accounts and lifecycle states, while security has to detect misuse, reduce blast radius, and stop abuse across those states. Practitioners should treat that split as architectural, not semantic.

A few things that frame the scale:

  • Only 13% of organisations feel extremely prepared for the reality of agentic AI despite the majority racing toward autonomous adoption, according to The 2026 Infrastructure Identity Survey.
  • 69% of security leaders agree identity management must fundamentally shift to address agentic AI systems, which is why control models built for static access are already under strain.

A question worth separating out:

Q: How should organisations decide whether to consolidate identity security tooling?

A: Organisations should consolidate when fragmented tools prevent them from tracing one identity event across authentication, privilege, and movement. The question is not how many products exist, but whether the programme can produce a single control story for the attack surface. If not, consolidation may reduce blind spots more than it reduces licences.

👉 Read our full editorial: Palo Alto Networks' CyberArk deal reframes identity security



   
ReplyQuote
Share: