SailPoint advances identity security to deliver visibility, control and scale across every enterprise identity

Delivering new capabilities in cloud, non-employee risk management, machine identity, and connectivity to strengthen enterprise identity security

AUSTIN, Texas - September 30, 2025 - SailPoint, Inc. (Nasdaq: SAIL), a leader in enterprise identity security, today announced a series of new enhancements that extend the breadth and depth of SailPoint Identity Security Cloud. These include new capabilities for SailPoint Non-Employee Risk Management and Machine Identity Security, along with a series of deep Connectivity updates.

"As digital ecosystems expand, enterprises must govern not only humans but also the rise of machine and agent identities-identities that often outpace the capabilities of legacy tools," said Chandra Gnanasambandam, EVP of Product and CTO, SailPoint. "These identities often remain undiscovered or under-governed, creating unmanaged privileges and security gaps. SailPoint is addressing these challenges with differentiated features across our portfolio, all designed to deliver automation, context and precision at scale."

SailPoint Identity Security Cloud: Differentiated by design
At the heart of these enhancements is SailPoint Identity Security Cloud, built to deliver breadth and depth across all identities. Covering every enterprise identity type-employees, non-employees, machines and agents-Identity Security Cloud combines precise lifecycle controls with intelligent automation to close critical gaps that legacy approaches leave behind, delivering adaptive identity that evolves with enterprise needs.

This momentum comes to life through several enhancements designed to simplify governance and expand automation. By automating lifecycle processes, reducing standing privileges, and embedding context-rich controls, enterprises minimize risk while maintaining agility. Flexible access models, streamlined reconciliation, and safe task delegation free up teams to move faster without sacrificing compliance-delivering greater clarity, control and confidence across the enterprise.

"We aren't incrementally checking boxes," said Gnanasambandam. "We are building momentum across our unified platform that gives enterprises a strategic advantage: the ability to move faster while staying secure."

SailPoint Non-Employee Risk Management: Securing the extended workforce
SailPoint Non-Employee Risk Management ensures that today's extended workforce is governed with equal rigor, now enhanced through integration with Microsoft Entra Verified ID. This integration adds the ability to leverage third-party verifiable credentials and biometric verification, enabling faster, high-assurance onboarding of non-employees. Combined with bulk approvals, attribute synchronization and direct role provisioning, enterprises can govern third-party identities at the same speed and scale as employees. This reduces manual effort, accelerates time-to-value, and eliminates blind spots.

"SailPoint Non-Employee Risk Management functions have enabled us to automate the Joiner-Mover-Leaver cycle of consultants," said Luca Barezzani, ICT Security Senior Specialist at Illimity Bank. "They can now be managed directly by internal contacts, without going through any IT department, tickets or approvals. At the same time, Non-Employee Risk Management secures and streamlines the collection of personal data needed for the most critical applications and making the employee himself autonomous in this step."

SailPoint Machine Identity Security: Built for scale
Machine identities are multiplying rapidly, outpacing legacy governance capabilities. SailPoint Machine Identity Security is purpose-built to close this gap-delivering clear discovery, classification, and ownership of machine accounts at enterprise scale. Crucially, it also enables organizations to certify machine identities by linking them to the humans they represent. With the new multi-host classification, customers can define machine account rules once and apply them across hundreds of sources, streamlining setup and ensuring consistent discovery across complex environments. Combined with the introduction of machine account sub-types which provide distinctions between service accounts, bots, and shared accounts, SailPoint has set the standard for true, purpose-built, machine identity security.

Beyond discovery enhancements, Machine Identity Security is evolving to strengthen accountability and reduce risk. Organizations can assign multiple owners to machine identities and set up succession plans for ownership transitions, eliminating blind spots from orphaned accounts. A new centralized view of machine access entitlements provides the visibility needed to spot over-permissioned accounts, enforce least privilege and act quickly with full context. Together, these innovations give enterprises clarity and control at the same rigor as human identities.

Connectivity: Broader integrations, deeper protection

SailPoint Connectivity enhancements include expanded SAP GRC Firefighter access, enhanced Virtual Appliance (VA) capabilities that enable multiple products such as Data Access Security and Privilege Task Automation to run on a single cluster, and broader integrations with tools like BeyondTrust, MacOS password reset, and JDBC for low-code provisioning. These advances build directly on the company's recent SailPoint Advanced Application Management announcement, reinforcing SailPoint's unmatched ability to connect across every level of application security-Application Visibility, Application Compliance and Application Deep Governance-delivering the right solution for the right customer at the right time.

This foundation was further strengthened by SailPoint's acquisition of certain assets from Savvy, expanding the company's ability to unify and simplify connectivity at scale. Together, these enhancements extend the depth and breadth of SailPoint Connectivity, helping organizations secure more of their business-critical applications with ease through an adaptive identity foundation.

"Identities multiply faster than ever before, and enterprises need visibility, control and agility to protect what matters most while moving at the pace of business," said Matt Mills, President, SailPoint. "We're reimagining identity security for the realities of the modern enterprise by unifying governance across every identity type to close the gaps that siloed, legacy approaches leave behind. In a world where identity drives both digital transformation and risk, SailPoint delivers the confidence enterprises need to thrive."

Resources:

• Identity Security Cloud
• Non-Employee Risk Management
• Machine Identity Security
• Connectivity
• Success Acceleration Service Packages

###

About SailPoint
At SailPoint, we believe enterprise security must start with identity at the foundation. Today's enterprise runs on a diverse workforce of not just human but also digital identities-and securing them all is critical. Through the lens of identity, SailPoint empowers organizations to seamlessly manage and secure access to applications and data at speed and scale. Our unified, intelligent, and extensible platform delivers identity-first security, helping enterprises defend against dynamic threats while driving productivity and transformation. Trusted by many of the world's most complex organizations, SailPoint secures the modern enterprise.

Media Relations for SailPoint

Samantha PersonSenior Manager, PR & Corporate [email protected]