AI Access Control

SailPoint Officially Acquires Entro Security Adding Non-Human Identity Governance to Agentic Fabric

SailPoint has completed its acquisition of Entro Security, bringing together identity governance and real-time machine identity security. The move aims to give organizations a single control plane to manage the growing risk of autonomous AI agents alongside traditional human and machine identities. With Entro now fully integrated, SailPoint customers gain immediate visibility and control over unmanaged credentials and AI agents.

Updated on June 29, 2026
SailPoint Officially Acquires Entro Security Adding Non-Human Identity Governance to Agentic Fabric

SailPoint has closed its acquisition of Entro Security, a Tel Aviv-based company specializing in non-human identity and credentials governance. Financial terms were not officially disclosed, though Calcalist reported the deal at roughly $200 million. Entro had raised $24 million across its seed and Series A rounds before the acquisition. The deal adds three capability areas to SailPoint's Agentic Fabric platform: agentless discovery of the tools, APIs, and credentials that AI agents use to execute tasks; lineage mapping that ties non-human identities back to accountable human owners; and real-time behavioral monitoring through Entro's Non-Human Identity Detection and Response technology, which SailPoint calls NHIDR.

The combined platform will cover more than 1,000 non-human identity and agent types and discover over 1,200 credential categories across more than 70 enterprise sources. Those sources include cloud environments, developer tools, CI/CD pipelines, and SaaS collaboration platforms. The acquisition comes roughly six weeks after SailPoint launched Agentic Fabric, its dedicated infrastructure for securing autonomous AI agents and machine identities at scale.

"The recent launch of our Agentic Fabric established a new paradigm for securing autonomous AI agents and non-human identities at scale, including native discovery, governance and protection. By bringing Entro's powerful and complimentary technology into our SailPoint platform, we will be giving our customers an even bigger advantage: frictionless, complete visibility into every non-human identity and — crucially — the context and credentials they use to access critical corporate data."— Mark McClain, CEO and Founder, SailPoint, June 15, 2026

The timing follows a period of growing attention in the enterprise security market toward non-human identity governance. Machine identities now outnumber human identities in most large enterprise environments by a significant margin, and the protocols governing them have lagged behind the rate at which AI agents, service accounts, and automated workflows are being deployed. Coupang's $409 million PIPC fine in June 2026 traced directly to a failure in credential lifecycle management for a non-human identity — a former employee's cryptographic signing key that was never revoked. The governance gap that Entro was built to address is not theoretical. It has a dollar value attached to it.

Conditions Driving This Change

Several converging pressures in the first half of 2026 moved non-human identity governance from a recognized risk category into active procurement conversations at large enterprises.

  • AI agents operate continuously across enterprise systems, accessing databases, calling APIs, writing to production environments, and interacting with third-party services — often without any human reviewing individual actions. Each of those interactions requires a credential. Most organizations have no inventory of those credentials.

  • The Coupang PIPC fine — $409 million for a breach traced to an unrevoked former employee credential — established a documented dollar consequence for credential lifecycle failures. The governance gap it exposed applies directly to non-human identities: credentials provisioned for automated workflows and never reviewed or revoked.

  • Machine identities now significantly outnumber human users in most enterprise environments, according to SailPoint's own platform data. The organizational processes designed for human identity governance — provisioning reviews, access certifications, offboarding checklists — do not cover this scale of non-human credential volume.

  • The Shai-Hulud and Mastra supply chain attacks in May and June 2026 both compromised CI/CD pipelines. Both attacks depended on the ability to use legitimate credentials within build and deployment infrastructure that organizations had not treated as an identity governance surface.

  • Regulatory frameworks now impose accountability requirements that demand human ownership of AI system behavior. SR 26-02 in financial services, the EU AI Act's deployer obligations, and Singapore's agentic AI governance framework each require organizations to identify who is responsible for specific AI system actions. Lineage mapping between non-human identities and their human owners is the operational mechanism that produces that accountability.

  • SailPoint's own Agentic Fabric platform, launched in May 2026, created a product gap the company needed to close through acquisition. Entro's agentless discovery and NHIDR capabilities address exactly the credential depth and real-time monitoring that Agentic Fabric required to cover the full machine identity surface.

What AI Security Looked Like Before

Enterprise identity security was built around human users. The core workflow was provisioning: someone joins the organization, an account gets created, access gets assigned according to their role, and the process reverses when they leave. Identity governance platforms developed around this lifecycle — attestation campaigns that asked managers to confirm access on a periodic schedule, joiners/movers/leavers workflows that triggered access reviews at employment status changes, and privileged access management tools that required multi-factor authentication for sensitive administrative accounts.

Machine identities existed in this framework as a secondary concern. Service accounts got created when applications needed to run scheduled jobs or access shared resources. API keys got generated when teams integrated systems. Tokens got issued when OAuth connections were established. These credentials generally lived in configuration files, environment variables, and secrets managers — governed informally, audited rarely, and revoked inconsistently when the systems or people associated with them changed.

The primary reason this worked well enough for long enough is that machine identities historically had limited surface area. A scheduled job ran on a predictable path. A service account authenticated to a single database. An API key called one vendor's endpoint. The scope was bounded by what the application was designed to do, and the application changed infrequently enough that periodic manual reviews could theoretically keep up.

AI agents changed that model completely. An agent tasked with research can touch a document store, a web browser, an internal knowledge base, and three external APIs in the span of minutes. It generates behavioral patterns that no human designed and no static configuration describes. The governance infrastructure built for human users and static machine accounts had no mechanism for discovering, scoping, monitoring, or attributing accountability for that kind of entity.

What It Looks Like Now

Entro's technology approaches non-human identity governance in three stages that address the gaps the prior generation of tools left open. The first is discovery. Entro's agentless scanner covers more than 1,000 NHI and agent types and identifies over 1,200 credential categories — including secrets, keys, tokens, and certificates — across cloud environments, developer tools, CI/CD pipelines, and collaboration SaaS. It does this without requiring instrumentation of the systems being scanned, which matters for organizations trying to get an inventory of machine identities without a months-long deployment project.

"We built Entro with a clear mission: to secure the modern cloud by discovering and protecting the sheer volume of credentials and non-human identities powering it. As enterprises embrace more automation and agentic workloads, this massive identity layer is only becoming more critical to protect."

Itzik Alvas, Co-Founder and CEO, Entro

The second stage is attribution. Entro's lineage mapping connects discovered non-human identities to their human owners by tracing relationships, permissions, usage patterns, and access paths. This produces the accountability record that regulators and auditors increasingly require — a documented chain from an agent's actions to the person responsible for authorizing and reviewing them. SailPoint's access certification and lifecycle governance infrastructure then handles the ongoing review and revocation work against that record.

The third stage is real-time protection through NHIDR. Once an identity is registered and governed, Entro's monitoring layer watches for behavioral anomalies — credentials used outside expected patterns, access to systems outside declared scope, authentication events that don't fit the agent's operational profile. Automated remediation can revoke or scope down access when anomalies cross defined thresholds, without waiting for a human to notice and act. Combined with SailPoint's zero-standing privilege enforcement, the result is a credential governance architecture where access is scoped to the minimum required for a specific task, issued for the duration of that task, and revoked at the end of it.

Our Take

The AI Security Take

The Coupang fine and the SailPoint-Entro deal are describing the same problem from two different directions. Coupang had a non-human credential — a cryptographic signing key — that persisted beyond the employment of the person associated with it, provided ongoing access to systems containing 33.7 million customer records, and was never detected through any internal monitoring system. A regulator found it. That is the worst possible detection mechanism.

The enterprise security market's response to that gap is now a consolidating product category. SailPoint's acquisition of Entro follows 1Password's acquisition of Apono at a reported $250-300 million, and the broader movement of major identity security vendors toward non-human identity as the primary growth surface. SecurityWeek's M&A tracker counted roughly 190 deals in 2026 through the time of this announcement. A meaningful fraction of them are targeting the same credential governance gap from different angles.

What the Entro capabilities add to SailPoint's platform is specifically the discovery and behavioral monitoring layer that Coupang didn't have — the infrastructure that would have surfaced a credential being used by a departed employee and triggered revocation before 33.7 million records were exposed. That capability now ships inside a platform used by enterprises with thousands of AI agents in production. The gap it closes is measurable in dollars. The question for security teams evaluating NHI tools is whether the discovery coverage is genuinely agentless, whether the lineage mapping produces audit-ready attribution rather than just a topology diagram, and whether NHIDR behavioral detection operates at inference speed rather than on a scheduled scan cycle. Those three questions separate the platforms that prevent the Coupang outcome from the platforms that document it after it happens.

Related Articles

ServiceNow Launches Autonomous Workforce and Integrates Moveworks Into Its AI Platform AI Governance Platforms

Feb 27, 2026

ServiceNow Launches Autonomous Workforce and Integrates Moveworks Into Its AI Platform

Read More
OneTrust’s New CEO Foresees Accelerating Demand for AI Governance Platforms AI Governance Platforms

Mar 7, 2026

OneTrust’s New CEO Foresees Accelerating Demand for AI Governance Platforms

Read More
OneTrust Expands AI Governance Platform as Enterprise AI Adoption Accelerates AI Governance Platforms

Mar 9, 2026

OneTrust Expands AI Governance Platform as Enterprise AI Adoption Accelerates

Read More

Stay ahead of Industry Trends with our Newsletter

Get expert insights, regulatory updates, and best practices delivered to your inbox