Hi,
Welcome to the third Identity Market Intelligence report.
Identity or cybersecurity professionals do not need to stay constantly on top of every update; this reading will keep you up to date.
summary
Sector pressure
Identity pressure is intensifying from both attacks and regulation. Active PAN-OS and Check Point authentication bypasses, infostealer-driven credential reuse, and admin-account creation flaws show identity as the breach surface. Meanwhile, EU age-verification, EUDI Wallet, certification, privacy-preserving proof, and post-quantum credential updates are turning identity architecture into a compliance-critical transaction layer.
Where the market is going
The market is moving from login-centric IAM toward reusable, workflow-native trust. Signals point to AI agents as governed identities, wallets expanding into business authorization and signatures, continuous trust replacing one-time KYC, and identity extending into healthcare, physical environments, and regulated transactions where usability, assurance, and portability matter equally.
Vendor moves
Vendor strategy is concentrating around AI-era identity, non-human identities, and regulated trust. SailPoint’s Entro move adds secrets and machine-identity visibility; Saviynt is extending governance into Claude Enterprise; hyperscalers and core IAM vendors are pushing passkeys, agent governance, and orchestration. Commercial momentum is shifting from feature depth toward platform breadth, ecosystem reach, and execution.
Implications
Implications for CISOs and Identity Managers
Prioritize remote access hardening for VPNs, gateways, admin creation paths, and session-bearing infrastructure.
Expand identity risk reviews to include AI agents, service accounts, secrets, and delegated machine actions.
Build a roadmap for wallet-based verification, proof-of-age, and reusable credential acceptance.
Add procurement criteria for certification, privacy-preserving verification, and audit-ready trust evidence.
Reframe identity as a business control layer supporting transactions, compliance, and operational resilience.
Implications for Identity professionals
Develop hands-on expertise in passkeys, verifiable credentials, wallet flows, and continuous trust models.
Learn to govern non-human identities across AI agents, connectors, secrets, and runtime permissions.
Strengthen skills in authorization design, fine-grained policy, and auditable delegated access.
Translate identity architecture into business outcomes such as onboarding speed, fraud reduction, and compliance readiness.
Position yourself closer to product, risk, and platform teams shaping digital journeys and regulated workflows.
Implications for identity vendors
Package AI-agent governance, discovery, ownership, and runtime controls as core platform capabilities.
Connect identity products to enterprise AI platforms, regulated workflows, and continuous trust use cases.
Embed privacy-preserving verification, age assurance, and reusable credential patterns into product design.
Strengthen go-to-market narratives around machine identity, regulated trust, and workflow-native identity value.
Invest in ecosystem partnerships, certification readiness, and deployment simplicity to accelerate buyer adoption.
What to watch
Emerging signals
AI agents are becoming first-class identities across enterprise control planes.
Wallets are expanding from citizen IDs into business authorization.
Continuous trust is replacing one-time verification in regulated environments.
Likely next moves
Vendors will acquire machine-identity and secrets-management capabilities around AI.
More platforms will embed passkeys and high-assurance authentication defaults.
Governments will push interoperable wallet rails into mainstream services.
Potential risk
Authentication infrastructure flaws will keep delivering direct trusted access.
Poor AI identity governance will create fast-moving privilege sprawl.
Data-heavy verification journeys will trigger privacy and compliance exposure.
Strategic focus area
Build inventory, ownership, and policy for human and machine identities.
Modernize verification architecture around wallets, credentials, and selective disclosure.
Align identity roadmap with transaction security, compliance, and business workflows.
Event time horizon
Short term: More urgent patching, passkey rollouts, and AI governance pilots.
Mid term: Wallet interoperability and continuous trust shape production programs.
Long term: Identity becomes transactional infrastructure for digital business operations.
