Today, identity security company Silverfort is announcing the release of two new foundational capabilities – Access Intelligence and Identity Graph & Inventory. This further expands Silverfort’s identity security platform, which the company considers to now be the broadest in the market. Silverfort brings observability and enforcement of inline security controls to every type of identity, from humans to machines and AI agents, across every enterprise system and environment, from on-prem to cloud. This includes even systems that can’t be protected by any other solution such as legacy applications, command-line interfaces and IT/OT infrastructure. Silverfort discovers every identity, maps every access path, and enforces real-time security controls to stop any identity threat, block lateral movement and prevent privilege escalation.
“Silverfort has been around going on nine years, and our platform itself is all focused around identity security,” said John Paul Cunningham, Silverfort’s CISO. “When companies get breached today, I would say the number one reason that they have a breach, and that the breach is successful is because of weak identity security. You have accounts that just rely on passwords alone. They might be human accounts. They may be non-human accounts. A lot of people have implemented multi-factor authentication at the initial login, but the problem is the attackers already are inside. They’re already compromising that person or the credential, and there’s no additional challenge as they try to access systems or as they move through the organization and they get to wherever they want. The whole reason that Silverfort exists is really to enhance that security, to be able to give intelligence as to how identities are flowing through the organization, where there are potential weak identities and weak security. We also extend, almost like an identity firewall, to every identity within the organization – denying access based on risk, based on where the identity is originating from. Being able to say, ‘before you access this, you need to give us an additional authentication to prove that you are really who you are’ is really a foundational zero trust principle, where we have to assume every identity is compromised. We can’t trust any identity implicitly, and so that’s why these breaches occur.”
There are many companies in the identity space, from Microsoft Entra ID and Okta at one end to dozens of startups at the other. Silverfort’s preference is to work with them when possible,
“We collaborate with the large identity providers like Okra and Microsoft,” Cunningham stated. “Microsoft Entra ID is a very big one that gets used, and we just enhance what they do. So they’re kind of the providing the credential and the platform to put it in. They may be even providing a mechanism for multi-factor but we enhance that by giving a lot of threat intelligence, a lot of intelligence about the identities, and putting controls around those, so that that you can lock them down and restrict them to the least privilege and to be challenged under. That’s how we stop breaches.
“One of the things that we did was partner with Microsoft,” Cunningham continued. “We came up through their Microsoft incubator program, and so we were seen as almost being designed with Microsoft in mind, with Microsoft being one of the largest providers of operating systems and identity, and I think that was a platform on which we could build and gain that market penetration. We also have very extensive integrations with all kinds of other security systems, like SIEMs. We even do integrations with anti-virus, EDR providers. So, I think the power of Silverfort is that we have so many partners and so many integrations. When you think about needing that identity platform, that comprehensive identity platform, we’re positioned in such a way, and we were one of the first innovators in this, this area of extending identity, that that is why I think Silverfort is leading the way in the industry as when it comes to this kind of this unified identity security platform.”
The launch of Access Intelligence and Identity Graph & Inventory serves as another major step towards Silverfort’s vision – end-to-end identity security for the enterprise, from a single unified platform – a vision that the company says is now a reality for Silverfort customers.
“I would absolutely say we’re able to deliver on the vision today,” Cunningham stated. “We are able to protect identities. We’re able to give organizations much greater insight into their service accounts, or non-human identities in a way that is really game-changing and allows organizations to truly understand what is actually happening with identities inside their organization. The two enhancements in this release are just taking that to the next level. We want to continue to give more intelligence, more capabilities, to organizations.
The latest release makes the Silverfort Identity Security Platform the most complete identity security platform on the market to-date, and the first to deliver unified visibility and inline identity protection for all human, machine and agentic AI identities across cloud, on-prem, and hybrid environments – in one unified platform. These complementary capabilities close a longstanding market gap, delivering great observability into the entire identity fabric, including identity storylines, effective privileges, and actual user access to resources across hybrid environments.
“Silverfort Access Intelligence enables organizations to understand, not only the permissions, but exactly the parameters on when and how they’re being used, and give them a greater visualization of that, as well as stale identities, or identities that maybe are overprivileged and being used, but maybe not being used in that way,” Cunningham said. “What if we’ve given credentials and capabilities and they are not ever being touched, never being used. We’re trying to give that greater insight, graphically and through the platform, to organizations so they can even be more agile, more capable at securing their identities and removing privileges where they need to be removed.”
Silverfort Access Intelligence goes beyond showing who has the permissions, to showing who is really using them, and who is not. It maps identity access paths and access activity across both on-premises and cloud environments, helping organizations uncover hidden access paths, enforce Least Privilege, remove stale resources, and stop threats before they spread. Organizations can use this powerful visibility to remove unnecessary access or retire unused assets and accounts, which also helps in cutting significant costs to the organization. They get full context into access paths, usage patterns, and protection gaps at-a glance.
“Silverfort Access Intelligence is an evolutionary enhancement of what we have done in the past,” Cunningham said. “As a CISO what scares me the most is Blind Spots. We have always given insights into non-human and human identities and how they were being used. Now, Access Intelligence allows drilling into every use in real time, and allows organizations to analyze how identities are being used and detect anomalies. I think its going to be a game changer.”
The other new offering, Silverfort Identity Graph & Inventory, takes IAM observability to the next level. It helps organizations understand their hybrid identity fabric, improve efficiency and eliminate security blind spots. It shifts visibility from static, fragmented reports organizations struggle to gather from the various IAM silos, to dynamic, real-time maps of identities, entitlements, attributes, and relationships. It provides a unified, centralized view of identities and their relationships across cloud and on-prem, with both visual graphs and detailed exportable tables. By unifying visibility into a single source of truth, customers have the context to understand identities and their identity attack surface across complex hybrid environments. It can visually map the identities tied to a user across different identity providers, apps and environments, which is now all available in one place, without having to go to each IAM silo. Its single source of truth helps to meet regulatory and compliance requirements, simplify audits and enhance day-to-day IAM and security operations.
“I think the Identity Graph & Inventory is another one of those kind of key frameworks,” Cunningham said. “It’s like an evolution of what we’ve been doing, which allows us to get from a static point-in-time report that we had been doing to really dynamic real time. This is how it has changed. Maybe the risk conditions change or the threat conditions change. So it’s really allowing that dynamic, real time mapping of identity entitlements and relationships between the identities and resources that they’re going after, so teams can drill down and investigate and even with almost like a single step, mitigate a risk that they find or that’s being identified by the tool. So we are able to do the vision now, but we’re taking it to the next level of excellence and intelligence to really enable our customers to have even greater tools and greater access to information.”
“When you couple them together, the access intelligence and identity graph platform, I think it’s going to be really innovative for organizations, and it’s going to really shift the focus from maybe a point in time report to more of a dynamic consolidated holistic view and map of identities, their entitlements and their relationships to each other. I think that’s one of the hardest things when I talk about blind spots. It’s knowing how identities relate, how they’re actually being used, and how and how they’re being connected to the resources within my organization, and I think that’s the real power of this new capability, to give a tool that’s really never existed before to organizations.”
While the two new features are important, more is in the way.
“Those are the two major items for this release, although we’re continuing to enhance the capabilities that we’ve introduced in prior versions,” Cunningham said. So you can expect more features, more capabilities in those. We’ve implemented a privileged access as a service, like a real time enablement of privileged accounts. I think that’s that’s something that’s continuing to have greater features and greater capabilities. And it’s really an exciting area, it is enabling just-in-time entitlement of privileged accounts and and I think that’s a game changer. So instead of privilege all the time, or this account active all the time, it’s only enabled when it’s needed and that provides a level of security against being stolen and used in an attack.
“In terms of things that are new, we aren’t ready to publicly announce what we’re doing, but there is some definitely cool things that we’re planning,” Cunningham added. “When it comes to the evolution of the threat landscape, with agentic AI and those kinds of things around AI security, those are, those are certainly areas that companies need to look at.”
Cunningham also addressed the significance of the partner play with the new capabilities.
“I would say that that I think this version is a huge leap forward for Silverfort, and that it is probably one of the biggest releases we’ve ever done,” he said. “It’s packed full of new capabilities and features, including the ones we’re talking about. So I believe truly that our partners and our customers are going to see this as a not just a incremental improvement, but a huge leap forward, a huge step up and it’s going to be a true game changer. I believe that as people unpack it and understand the investment that Silverfort has made here that that will take us to that next level. Identity security truly is the linchpin for all breaches. It’s the master key that’s being exploited. We’ve got some stats that say 59% of all confirmed breaches involved an identity. But I’d say it’s even higher than that, because for an attacker to be successful, they have to compromise an identity, they have to be able to get to the place that they want to go, or they’ve got to be able to compromise the machines, put ransomware on them, and to do that, they’ve got to move laterally and through your organization, and the only way to really do that is through an identity. So I really believe this is probably one of our largest releases, and it’s going to be impactful. It’s going to be very impactful. And our partners, I think, will be very excited about it. This really does extend that identity protection to every type of identity across every single environment, and unifies the capabilities of teams to understand what identities are being used, where, when, how and by whom.”