SailPoint Acquires Entro Security to Strengthen Automated Machine Identity and Credential Lifecycle Management
TL;DR
- SailPoint acquires Entro Security to secure non-human identities and machine credentials.
- The integration targets vulnerabilities in autonomous AI agents and CI/CD pipelines.
- New NHIDR™ technology uses SLMs to detect and remediate credential anomalies in real time.
- The goal is to map all machine identities to human owners for better accountability.
SailPoint has officially crossed the finish line. As of June 29, 2026, the company has finalized its acquisition of Tel Aviv-based Entro Security. It’s a calculated move—one that signals a major pivot in how the industry handles the chaos of non-human identities (NHI). We’re talking about the explosion of machine credentials, service accounts, and the wild west of autonomous AI agents that have been quietly expanding the enterprise attack surface for years. By folding Entro’s specialized tech into its own ecosystem, SailPoint is betting that it can finally bring order to these complex, machine-heavy environments.
The Non-Human Identity Gap: Why It Matters
Let’s be honest: most organizations have no idea how many "identities" are actually running their infrastructure. Between API keys, service tokens, and secrets buried deep in CI/CD pipelines, the sheer volume of machine-to-machine interaction has outpaced traditional security tools. These aren't just background processes; they are high-privilege entities that often operate with zero oversight.
Entro Security built its reputation on finding these ghosts in the machine. Now, that capability is a core part of the SailPoint portfolio. The platform can currently sniff out over 1,000 distinct types of NHIs and agents, alongside 1,200 categories of secrets and certificates. It spans more than 70 enterprise sources—from cloud environments to the developer tools where most of these vulnerabilities are born.
The real magic, however, isn't just in the discovery. It’s in the accountability. SailPoint is pushing to map every single one of these machine identities back to a human owner. By enforcing this link, they’re aiming to kill off "standing privileges" and ensure that if a machine goes rogue, there’s a human stakeholder on the hook to fix it.
Plugging Into the Agentic Fabric
This acquisition isn't just about adding a new feature; it’s the backbone of the SailPoint Agentic Fabric. As AI agents start acting with more autonomy—making decisions and accessing sensitive data without a human clicking "approve"—the old ways of monitoring access just won't cut it.
Enter NHIDR™ (Non-Human Identity Detection and Response). This is the platform’s new behavioral watchdog. It doesn't just look for static policy violations; it uses small language models to spot anomalies in real time. If a credential starts acting weird, the system doesn't just alert a tired admin—it serves up actionable remediation steps. It’s a shift from passive auditing to active defense.
| Capability Category | Scope and Impact |
|---|---|
| Discovery | Over 1,000 NHI and agent types; 1,200+ secret/token/certificate types. |
| Environment Coverage | 70+ enterprise sources including CI/CD, cloud, and developer tools. |
| Security Mechanism | Non-Human Identity Detection and Response (NHIDR™). |
| Governance | Mapping machine identities to human owners for accountability. |
| Remediation | Small language model-driven real-time threat recommendations. |
The Road Ahead
What happens to the team that built this? Entro co-founders Itzik Alvas and Adam Cheriki are moving into the SailPoint technology organization. Their job is simple but massive: keep the Entro roadmap alive while weaving it into the fabric of SailPoint’s core platform.
This follows the initial announcement of intent to acquire Entro Security, which really served as a shot across the bow for the industry. We are entering an "agentic" future where the governance of machines is just as critical as the governance of people. It’s no longer a niche concern for the security team; it’s the center of gravity for identity management.
Identity Governance, Reimagined
The formal closure of the acquisition underscores a fundamental truth: the definition of an "identity" has changed forever. For years, identity governance was about people—employees, contractors, and the occasional guest account. Today, the network is dominated by machines talking to machines.
With the Agentic Fabric, SailPoint is trying to build a unified control plane that treats a machine token with the same level of scrutiny as a human password. It’s a departure from the static, policy-heavy world of the past. By leaning into behavioral analysis and real-time remediation, the goal is to stop credential leakage and privilege escalation before they turn into a headline-grabbing breach.
In a world where AI agents are becoming part of the workforce, visibility is the only currency that matters. You can't secure what you can't see, and you certainly can't govern what you don't understand. By integrating Entro, SailPoint is attempting to bridge that visibility gap at scale. It’s a necessary evolution, ensuring that as our infrastructure gets more complex and automated, our ability to govern it doesn't get left in the dust.