.svg)
This year’s SailPoint Navigate conference was a showcase of innovation, technical depth, and community spirit. Here are the six highlights that stood out most from our experience at Navigate 2025.
The Navigate Hackathon was a true highlight for our team, with Michael Bird, Medo Hafnaoui, and Philip Martinez bringing home the first-place trophy. The team’s winning entry, OwnerShip, addresses a key gap in identity management by simplifying how organizations handle identity-linked object ownership.
OwnerShip enables teams to monitor users with high levels of ownership, transfer ownership between identities, and manage open approvals associated with those objects—all in a seamless, intuitive workflow.
Learn more about OwnerShip and its impact on identity management in the SailPoint Developer Community.
“Winning the Hackathon was a fantastic experience. The UI Dev Kit opens up new possibilities for ISC functionality.”
Medo Hafnaoui, Senior Platform Architect
A recurring theme throughout the conference was the expanding focus on identities beyond humans. SailPoint’s new Agent Identity Security (AIS) module was unveiled, offering powerful tools to discover, govern, and secure AI agents at the entitlement level. This shift reflects the growing complexity of identity landscapes as organizations prepare for an era dominated by machine and agent identities.
“Agent Identity Security (AIS) is an exciting addition to further the governance of customer environments, as the use of agents is becoming more prevalent in the enterprise.”
Matt Graves, Principal Solution Advisor
IdentityIQ (IIQ) remains a cornerstone of SailPoint’s platform, and the IIQ Roadmap session drew some of the largest crowds at Navigate. The upcoming IIQ 9.0 release promises a modernized UI, simplified certifications, and new SaaS integrations, including MCP Server. While IdentityIQ 9.0 introduces valuable enhancements, the upgrade process, particularly the transition from Java EE to Jakarta EE, will require thoughtful planning and execution to navigate effectively.
“IdentityIQ 9.0 is coming with some great updates, but the migration will be a challenge, especially moving to Jakarta EE.”
Michael Bird, Senior Platform Architect
SailPoint’s new Identity Graph capability was a standout innovation, enabling teams to visualize relationships between identities, roles, and entitlements. This tool empowers organizations to shift from reactive identity management to proactive oversight, offering critical visibility into complex relationships and access patterns. By connecting SailPoint data with other identity sources like Active Directory and CyberArk, teams can better understand and manage access across their entire ecosystem.
“The Identity Graph lets us move from reactive responses to proactive control, really letting you see how everything connects.”
Philip Martinez, Director of IAM: SailPoint
The traditional model of certifying static entitlements is being replaced by a focus on certifying the policies and mechanisms that drive access provisioning and deprovisioning. With zero standing privilege and ephemeral access models, organizations must now verify the rules and models that grant access, rather than just the entitlements themselves. This shift requires a new approach to access governance and ongoing policy review.
“Instead of just certifying who has access to what, we’re now looking at the actual rules and processes that grant that access. It’s a big shift in how we think about identity governance.”
James Yoder, Product Manager
Leadership at SailPoint and across the industry is prioritizing rapid application onboarding, moving from project-based to programmatic approaches. Crowd sourcing, management, visualization, and impact analysis are becoming essential tools for driving adoption and enforcement. MajorKey is exploring ways to help organizations streamline onboarding through innovative products and collaborative strategies.
As we catch up on sleep and reflect on our time at SailPoint Navigate 2025, our team left energized by the mix of technical innovation, real-world collaboration, and fresh perspectives around identity security. We’re excited to apply what we learned, especially as machine and agent identities take center stage in our daily operations.
And of course, winning the Hackathon was a highlight we won’t forget!
Discover how IDProof+'s advanced AI, biometric authentication, and deepfake detection protect organizations from fraud, streamline remote hiring, and ensure GDPR compliance.
MIM is now in extended support, but what's the right migration path for your organization? This blog series will examine the options and key considerations to help MIM users to determine their path to the cloud.
This three-part webinar series brings together leading voices to discuss transforming identity security through intelligent automation.
With machines now outnumbering humans by staggering ratios, unmanaged identities have become a critical, and often overlooked, attack vector that organizations can no longer afford to ignore.
Unlock operational insight with IdentityLens—MajorKey Technologies’ advanced reporting and analytics platform for managed services—empowering organizations with real-time identity data, automated compliance, and actionable dashboards for smarter, safer IT operations.
MajorKey’s HorizonID is a transformative solution that bridges the gap between legacy identity systems and modern cloud-based strategies.
Discover how MajorKey’s Managed Operations (MOps) empowers organizations to achieve secure, scalable, and outcome-driven identity management with expert guidance, automation, and 24/7 support. Learn how MOps streamlines operational efficiency, reduces risk, and drives measurable progress for modern identity programs.
NomadID by MajorKey Technologies is an Identity, Credentialing, and Access Management (ICAM) solution designed for Department of Defense (DOD) and federal agencies operating in Disconnected, Denied, Intermittent, Low-Bandwidth (DDIL) environments. It ensures uninterrupted authentication and single sign-on (SSO) capabilities even during network outages or hostile conditions, combining identity management, security monitoring, and governance locally at the edge to uphold security standards and maintain seamless access in challenging or disconnected scenarios.
Whether you're securing privileged access, enabling self-service recovery, or modernizing identity, MajorKey’s IDProof+ provides a proven defense against fraud and identity-based threats.
Non-human identities (NHIs) such as service accounts, bots, and API keys operate autonomously across IT environments but often lack proper provisioning, lifecycle management, and oversight, making them a critical security risk. Effective NHI management requires inventory and ownership clarity, strict access controls based on least privilege, automated lifecycle management, continuous monitoring, and executive alignment to reduce breach risks and ensure compliance.
Identity and Access Management (IAM) can be sold to business leaders effectively by focusing on business outcomes rather than technical jargon. Emphasizing benefits such as increased employee productivity through streamlined access, faster onboarding with automated provisioning, enhanced audit compliance with automated role management, improved customer loyalty via seamless and secure login experiences, and uninterrupted business operations by ensuring timely access to tools helps connect IAM to revenue growth, customer satisfaction, and operational efficiency.
A critical zero-day vulnerability in Microsoft SharePoint Server on-premises, tracked as CVE-2025-53770 and nicknamed "ToolShell," is actively exploited, allowing unauthenticated attackers to execute arbitrary code remotely, potentially compromising entire servers and networks. Microsoft has released emergency patches and mitigation guidance, urging all users to apply updates immediately, enable advanced detection tools like Microsoft Defender, rotate ASP.NET machine keys, and strengthen access governance with Privileged Access Management (PAM) to protect against this severe threat.
Microsoft Entra Global Secure Access is a unified Security Service Edge (SSE) platform combining Microsoft Entra Private Access for secure, identity-based access to private applications and Microsoft Entra Internet Access providing cloud-based Secure Web Gateway and threat protection for internet and SaaS access. It enforces Zero Trust principles, centralizes policy management, enables continuous risk assessment, and delivers seamless, agentless user experiences, making it a modern replacement for traditional VPNs.
Identiverse 2025 highlighted critical trends in identity and access management, including the urgent need for convergence between identity and network access, and the rise of AI agents and non-human identities (NHIs) as major security priorities. The conference emphasized that identity is now a central pillar of organizational strategy, requiring robust governance frameworks to manage AI agents and NHIs, which outnumber human identities by at least 20:1, and underscored the importance of identity resilience, continuous verification, and advanced technologies like behavioral biometrics and decentralized identity to restore trust in digital interactions.
Covering the latest thought leadership, events, and news about identity security
.svg)
.svg){kind=icon}
