Evolution of IAM: How Identity Fabric Can Streamline Identity Controls and Management
In our remotely connected world, identity and access management (IAM) has become a fundamental security issue. With the traditional corporate network perimeter rendered obsolete, IAM can combine context, continuity and consistency to provide a complete understanding of the identity of the user and the device, enabling secure and reliable access by establishing explicit trust in a zero-trust world. As classic and GenAI technologies continue to grow, new opportunities and threats will drive IAM’s transformation.
Traditional IAM models rely on a perimeter-centric corporate network, managing the identities of users and machines across an increasing list of applications and services in hybrid and multi-cloud environments. These models are not sustainable. Organizations must advance and modify their IAM from a set of discrete tools and processes that manage users and entitlements toward a highly resilient, integrated identity that is secure, interoperable and distributed.
Identity-first security marks a fundamental shift from the reliance on static perimeter-based controls that have become obsolete due to the decentralization of computing resources, channels, entities and devices. It underscores the need for more visibility and control in IAM execution. It also allows enterprises to achieve better security for IAM infrastructure and services based on the identity-first security principles of continuous, consistent and contextual.
Orchid Security is building identity infrastructure-as-a-service, offering visibility into the identity posture of enterprise applications, and retrofitting or onboarding the applications to centralized access (e.g. Microsoft Entra, Okta, Ping) and governance systems (e.g. SailPoint/Saviynt). The company's platform creates a comprehensive identity fabric that facilitates identity control to standardize the authentication and authorization processes, provides centralized visibility and policy definition, and simplifies the orchestration of recipes and easy codeless remediation across applications.
Its solution dynamically refines the sequence of prompt queries to engage with one or more pre-trained large language models (LLMs), based on the extracted code samples and artifacts. The recent developments of LLM have enabled Orchid Security to scale its solution across the enterprise.
We first met Orchid Security’s founders Roy Katmor, Ido Kelson and Robert Wiseman in early 2024 and were impressed with the team’s ability to provide an impactful solution that addressed a crucial gap in the market. At the time, existing products and processes were taking months to deploy, holding companies back from fully integrating applications into their identity program. Orchid Security’s straightforward deployment was much needed.
Its solution continuously identifies, assesses and retrofits an application’s identity controls to enable personalized digital experiences and meet compliance requirements, overcoming inherent integrations or legacy control flaws. Customers no longer need to deal with lengthy and costly Access Management and IGA deployments involving app refactoring. Orchid Security ensures seamless and swift identity stack integration – without the need for coding or cumbersome manual processes.
We are excited to co-lead, together with Team8, the Series Seed announced today and looking forward to working with Orchid Security as they enable businesses to streamline their IAM process and help companies to consume, retrofit, and manage modern identity solutions and controls.
