- You might be thinking your company’s cybersecurity is solid. Think again.
- The Problem: Your AI Agents Have Keys to Your Kingdom
- Why This Is Happening Now
- What SailPoint Is Getting with Entro
- What the Leaders Are Saying
- What This Means for Filipino Businesses and IT Teams
- Tech Patrol Insight: The Security Perimeter Is Gone — Identity Is the New Border
- Final Thoughts
You might be thinking your company’s cybersecurity is solid. Think again.
You’ve locked down your employees’ accounts. Every person in your organization has a username, a password, maybe even multi-factor authentication. You feel protected. But here’s the thing — your AI tools, your cloud apps, your automated scripts? They’re logging in, too. And nobody’s watching them.
That’s the security blind spot that SailPoint is now racing to close.
On June 15, 2026, SailPoint (Nasdaq: SAIL) announced its intent to acquire Entro, a Tel Aviv-based cybersecurity company specializing in non-human identity (NHI) security. And if you’ve never heard of “non-human identities” before, that’s exactly the problem.
The Problem: Your AI Agents Have Keys to Your Kingdom
Think of your office building. Every employee has a keycard. If someone loses theirs, IT cancels it. Simple.
Now imagine thousands of invisible “employees” — AI bots, automated workflows, API connections — each carrying their own keycard, accessing your most sensitive data 24/7. Nobody knows exactly how many there are. Nobody knows what doors they can open. Nobody’s checking if one of them has gone rogue.
That’s what’s happening inside most companies today. As businesses rapidly deploy AI agents and cloud automation, they’re creating a massive wave of non-human identities — and most of those identities are completely ungoverned.
Here’s where it gets interesting: according to industry analysts, non-human identities now outnumber human ones by a ratio of 50 to 1 in many enterprise environments. That’s 50 invisible actors for every real employee — and traditional security tools weren’t built to see them.
Why This Is Happening Now
The explosion of AI tools, cloud platforms, and DevOps automation has changed the game entirely. Every time a developer connects a tool to your company’s systems — a CI/CD pipeline here, a SaaS integration there — they’re creating a new non-human identity. Each one carries credentials: API keys, tokens, secrets, certificates.
These credentials are often hardcoded into scripts, left unrotated for years, or shared across multiple systems. When one is compromised, the damage can cascade through your entire organization faster than any human hacker could move.
That’s where this acquisition comes in.
What SailPoint Is Getting with Entro
SailPoint is already one of the biggest names in enterprise identity security — the business of making sure the right people access the right systems. But until now, their focus has been largely on human identities.
Entro changes that equation dramatically. Here’s what the acquisition adds:
🔍 Coverage for 1,000+ Non-Human Identity Types
Entro’s platform can discover and monitor more than 1,000 types of AI agents and machine identities — out of the box. No custom configuration needed. For enterprise IT teams already stretched thin, that’s a massive time saver.
🔑 Discovery of 1,200+ Credential Types
From API keys to certificates to secrets stored in developer tools, Entro can scan across 70+ enterprise sources — cloud environments, CI/CD pipelines, SaaS tools — and find credentials that may be lurking undetected.
👤 Tying Machine Identities Back to Humans
This is the piece most security tools miss. Entro doesn’t just find the non-human identity — it maps it back to the human who owns it. That creates accountability. When something goes wrong, you know who to call.
⚡ Real-Time Threat Detection for AI Agents
Using its proprietary Non-Human Identity Detection and Response (NHIDR™) technology, Entro continuously monitors AI agents for unusual behavior — catching threats at machine speed, before humans would even notice something is wrong.
What the Leaders Are Saying
“By bringing Entro’s powerful and complementary technology into our SailPoint platform, we will be giving our customers an even bigger advantage: frictionless, complete visibility into every non-human identity and — crucially — the context and credentials they use to access critical corporate data.” — Mark McClain, CEO and Founder, SailPoint
“As enterprises embrace more automation and agentic workloads, this massive identity layer is only becoming more critical to protect.” — Itzik Alvas, Co-Founder and CEO, Entro
What This Means for Filipino Businesses and IT Teams
Now here’s the bigger picture — and why this matters even if you’re running a mid-sized company in Manila, Cebu, or anywhere in the Philippines.
Filipino enterprises are rapidly adopting cloud tools, AI assistants, and automated systems. From e-commerce platforms using payment APIs, to BPO companies running automated workflows, to startups connecting dozens of SaaS tools — every one of those connections creates a non-human identity.
Most local IT teams are still focused on securing human accounts. That’s understandable — it’s where most traditional training points. But cybercriminals have already shifted their attention to the easier target: those unmonitored API keys and tokens.
The 2024 Verizon Data Breach Investigations Report noted that credential abuse remains the top attack vector globally. A significant and growing portion of those credentials aren’t tied to any human — they’re machine credentials left unprotected.
For Philippine businesses particularly, the risks are real. Regulatory pressure from the National Privacy Commission (NPC) and global standards like ISO 27001 increasingly require organizations to account for all system access — human or not. A breach traced back to an unmonitored API key could mean significant fines, reputational damage, and loss of client trust.
Tech Patrol Insight: The Security Perimeter Is Gone — Identity Is the New Border
The cybersecurity industry has been talking about “zero trust” for years. The idea is simple: don’t trust anything or anyone by default — verify everything, every time. But zero trust only works if you know who — or what — is asking.
That’s been the missing piece. Companies have invested heavily in securing human identities. But the rapid growth of AI agents, cloud automation, and interconnected software has created a new attack surface that most security tools simply can’t see.
SailPoint’s acquisition of Entro is a direct response to this market reality. And it signals a clear industry direction: the next wave of enterprise security will be built around governing non-human identities with the same rigor we currently apply to human ones.
For CISOs and IT decision-makers, this is a wake-up call. The question is no longer “who has access to our systems?” It’s “what has access — and should it?”
Companies that answer that question now will be far better positioned than those who wait for a breach to force the issue.
Final Thoughts
SailPoint’s move to acquire Entro isn’t just a business deal — it’s a signal about where the entire cybersecurity industry is heading. AI is transforming how companies operate, and that transformation is creating identity risks that traditional tools were never designed to handle.
The deal is expected to close in Q3 of fiscal year 2027, pending customary regulatory approvals. Once complete, SailPoint customers will gain unprecedented visibility into every identity — human and machine — operating within their environments.
For Philippine businesses navigating digital transformation, the message is clear: securing your people is no longer enough. Your bots, your APIs, your AI agents — they need to be secured, too.
👉 Is your organization already tracking your non-human identities — or is this a blind spot you haven’t tackled yet?
