Orchid Security Adds Ability to Audit Behaviors by Identity
Orchid Security today added an ability to conduct audits to its platform that enables cybersecurity teams to track behaviors of specific identities.
Orchid Security Adds Ability to Audit Behaviors by Identity
Orchid Security today added an ability to conduct audits to its platform that enables cybersecurity teams to track behaviors of specific identities.Company CEO Roy Katmor said Identity Audit is designed to make it possible to unify proprietary audit data captured from unmanaged applications with audit logs data collected from third-party identity and access management (IAM) platforms.Armed with those insights, it then becomes possible to correlate identity behavior across an entire application to identify where governance gaps exist because, for example, a specific control has not been properly implemented, he added.The overall goal is to surface the “dark matter” to provide a provable understanding of how identities are actually used, their intent, and the risks they introduce across both managed and unmanaged applications, said Katmor.For example, early adopters of Identity Audit have found that 70% of applications have excessive access privileges, with 60% granting broad admin or application programming interface (API) access to external third parties. A total of 40% of all accounts across applications were also found to be orphaned, while 85% of applications have accounts from legacy or external domains, with 20% of these being from consumer email domains.Cybersecurity teams have been employing multiple IAM tools and platforms for decades, but they still generally lack the visibility and context required to effectively enforce controls and policies, he added. The Orchid Security platform collects telemetry data from applications that enables cybersecurity teams to observe behavior, including logins, logouts and Joiner/Mover/Leaver changes, to explain not just what happened but also insights into why it occurred, noted Katmor.Those signals are then fed into an analytics engine that makes use of large language models (LLMs) to identify issues in near real time to make sure policies are consistently being enforced in a way that enables organizations to pass any potential audit more easily, he added.That’s crucial because once it becomes simpler to enforce the appropriate controls at the right time, the amount of toil and fatigue that many cybersecurity teams currently experience will decline, noted Katmor.While cybersecurity spending is expected to increase in 2026, it’s not clear how budget dollars will be allocated. There are so many attack surfaces to defend that cybersecurity budgets are now diluted across multiple tools and platforms. However, as more cybersecurity teams focus on implementing zero-trust controls, there’s more focus on identity management than ever. For example, The Futurum Group is forecasting that investments in IAM platforms will reach $27.58 billion in 2026, representing a 16.5% compound annual growth rate.Additionally, the National Security Agency just published its first in a series of Zero-Trust Implementation Guidelines (ZIGs) to specifically encourage more private sector organizations to view identities as the new security perimeter.Ultimately, it’s not a question of when organizations will finally move to better secure both human and non-human identities, especially in the age of artificial intelligence (AI) agents that, in the absence of any formal governance policies, will access any and all data made available. The issue then becomes determining not only who accessed that data, but also what they did with it.
About Author
