SailPoint’s acquisition of Israeli startup Entro Security represents a calculated move in the identity governance and administration market — one that simultaneously strengthens SailPoint’s NHI security credentials and expands the strategic scope of what IGA platforms are expected to deliver. The $200 million deal brings to SailPoint a technology capability that enterprise IGA programmes increasingly need but have struggled to source from traditional governance vendors.
Entro was built around a specific and growing problem: the governance of secrets and non-human identity credentials in cloud and hybrid environments. Israeli cybersecurity startups have repeatedly demonstrated the ability to identify and address security problems before the enterprise market fully recognises their urgency — and Entro’s focus on secrets lifecycle management reflects exactly this pattern. The problem of unmanaged API keys, service account tokens, and machine certificates has existed for years; what has changed is the scale at which these credentials now proliferate, and the severity of the breaches that their compromise enables.
For SailPoint, the acquisition addresses a capability gap that has become increasingly visible as enterprise customers ask how their IGA programme should govern AI agents and automated workloads. The honest answer, until now, has been that most IGA platforms govern human users well but lack the native tooling to govern machine identities with equivalent depth. Entro’s technology changes that answer for SailPoint customers.
The identity lifecycle management implications are significant. Entro’s discovery and classification capabilities enable IGA programmes to extend their governance coverage to the full non-human identity estate — not just the service accounts that have been formally registered in the identity directory, but the full population of machine credentials operating across cloud environments, CI/CD pipelines, and third-party integrations.
For IGA practitioners, the acquisition creates a decision point. Organisations that have been deferring their NHI governance investment, waiting for the market to mature, should recognise that the maturation point has arrived. SailPoint’s $200 million commitment to Entro signals that the vendor community now views machine identity governance as a core IGA capability — not a future roadmap item, but a present-day requirement.
The question for each organisation is not whether to govern non-human identities, but how quickly they can build the capability to do so — and which platform investments will best accelerate that journey.
Source: The Jerusalem Post