Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

8/15/2014
02:08 PM
50%
50%

Identity And Access Management Market Heats Up

The past few weeks have seen a number of acquisitions and investments surrounding cloud and on-premises IAM vendors.

It's been a busy week in the identity and access management (IDAM) space.

Earlier this week, IBM announced its acquisition of Lighthouse Security Group, with an eye towards building out its identity management business. In the deal, IBM got a cloud-based platform that includes a suite of functionality based on IBM's Security Identity and Access Management capabilities, including user provisioning, identity life cycle governance, and single sign-on.

But that was not the only acquisition announced this week dealing with identity and access management in the cloud. Kaseya also announced its purchase of Scorpion Software this week, with the goal of delivering Scorpion's AuthAnvil product through the Kaseya cloud.

"I think it's clear there's a lot more interest these days in delivering identity management as a service because it’s a lot less complex," says Garrett Bekker, senior analyst with 451 Research. "You can hand off a lot of the complexity to the service provider and you don’t have to deal with it."

The exact financial details of both the IBM deal for Lighthouse Security Group and Kaseya's acquisition of Scorpion Software were not disclosed.

According to Bekker, the identity management as a service (IDaaS) space is nascent but growing.  

"I think these acquisitions to some extent indicate there's more interest in … managing identity through the cloud," he says. "So I think or we think there's going to be more M&A [merger and acquisition] activity around identity and I think it's fair to say a good portion of that will involve companies who have some way of delivering identity and access management services through a cloud-based model."

Jim Reavis, CEO of the Cloud Security Alliance (CSA), says IAM in the cloud has tremendous market potential as cloud consumers look to federate corporate identity stores with hundreds and even thousands of the cloud services they use. This reality increases the need for strong authentication and identity-aware network security services, he adds.

Beyond IBM's purchase of Lighthouse Security Group and Kaseya snapping up Scorpion Software, the IAM space has seen other significant moves of late as well: Technology investment firm Thoma Bravo agreed to invest in SailPoint, which specializes in identity and access management both in the cloud and on-premises. IBM last month also acquired Italy-based CrossIdeas with the stated goal of delivering next-generation identity and access governance capabilities to combat access risks and segregation of duty violations.

"The addition of CrossIdeas extends IBM’s market share leading portfolio of identity and access management capabilities," says Brendan Hannigan, General Manager of IBM Security Systems, in a prepared statement. "IBM can now provide enterprises with enhanced governance capabilities and transparency into risk from the factory floor to the board room, giving leaders the insight they need to protect their brand and customers."

 

Brian Prince is a freelance writer for a number of IT security-focused publications. Prior to becoming a freelance reporter, he worked at eWEEK for five years covering not only security, but also a variety of other subjects in the tech industry. Before that, he worked as a ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
SahibK389
50%
50%
SahibK389,
User Rank: Apprentice
2/28/2019 | 1:19:44 AM
SahibKumarKhan
thanks for sharing
acepsaepul23
50%
50%
acepsaepul23,
User Rank: Strategist
2/7/2018 | 8:49:32 PM
Bismillah
Authentication is one of the key weapons attackers need to move within a network and get to the information they want, so it's interesting that we are Harga Walatra Zedoril 7 seeing so much market activity around identity and access management now. Password problems always get all the attention, but it's the actual provisioning and managing part of user credentials and authorization that are crucial inside an enterprise.

stevelarsc
50%
50%
stevelarsc,
User Rank: Apprentice
7/7/2017 | 1:54:10 AM
Hi
thanks 
Tylerlee77
50%
50%
Tylerlee77,
User Rank: Apprentice
3/13/2015 | 3:18:18 AM
Re: IDAM Identity
You have done really informative post. I think it's a great research on it and you have mentioned some tips regardign research in this post. Keep sharing.
safetymatsuk.co.uk/safety-flooring/outdoor-safety-mats.html
William L. Lind
50%
50%
William L. Lind,
User Rank: Apprentice
8/16/2014 | 5:18:01 AM
Re: IDAM Identity
The management market heats the target group of people and the target clients. The IBM helps to understand the policy and the strategy by which the customers will get the most possible benefits from this IBM tool. The best paper writing service oceanreview will help to identify the best sites among the tons of the sites available in the market.
Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
8/15/2014 | 3:40:19 PM
IDAM Identity
Authentication is one of the key weapons attackers need to move within a network and get to the information they want, so it's interesting that we are seeing so much market activity around identity and access management now. Password problems always get all the attention, but it's the actual provisioning and managing part of user credentials and authorization that are crucial inside an enterprise.
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: George has not accepted that the technology age has come to an end.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26814
PUBLISHED: 2021-03-06
Wazuh API in Wazuh from 4.0.0 to 4.0.3 allows authenticated users to execute arbitrary code with administrative privileges via /manager/files URI. An authenticated user to the service may exploit incomplete input validation on the /manager/files API to inject arbitrary code within the API service sc...
CVE-2021-27581
PUBLISHED: 2021-03-05
The Blog module in Kentico CMS 5.5 R2 build 5.5.3996 allows SQL injection via the tagname parameter.
CVE-2021-28042
PUBLISHED: 2021-03-05
Deutsche Post Mailoptimizer 4.3 before 2020-11-09 allows Directory Traversal via a crafted ZIP archive to the Upload feature or the MO Connect component. This can lead to remote code execution.
CVE-2021-28041
PUBLISHED: 2021-03-05
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
CVE-2021-3377
PUBLISHED: 2021-03-05
The npm package ansi_up converts ANSI escape codes into HTML. In ansi_up v4, ANSI escape codes can be used to create HTML hyperlinks. Due to insufficient URL sanitization, this feature is affected by a cross-site scripting (XSS) vulnerability. This issue is fixed in v5.0.0.