Two companies that are former Gartner Cool Vendors and who share a similar vision to drastically improve identity security are now one entity. Silverfort, a growing identity security company, acquired Rezonate, a provider of identity-first security for cloud environments. Silverfort’s platform unites disjointed, siloed identity components, and Rezonate’s products provide identity solutions for human and non-human identities accessing cloud infrastructures and SaaS apps. Together, they will build a unified identity security platform to address known vulnerabilities in identities that cybercriminals exploit. The new platform should be available by mid-2025.
A Unified Identity Security Platform
Identity and compromised credentials are the primary entry point for cybercriminals. According to CrowdStrike’s 2024 Global Threat Report, 80% of attacks are identity-based. The ability of attackers to access networks using compromised identity credentials has not changed much over the years. The 2024 Verizon Data Breach Investigations Report states that 31% of all data breaches over the past decade involved stolen credentials. The problem is exacerbated by the increasing reliance on cloud computing and the Internet of Things (IoT). An FBI public service announcement stated that criminals are increasingly compromising IoT devices by taking advantage of weak authentication mechanisms.
This situation spurred the founders of both companies to improve identity security. The protection of identities is normally a component of an organization’s overall identity infrastructure. There are numerous identity security solutions that address individual security issues, such as privilege management or abnormal behavioral detection. This infrastructure is disjointed. A unified solution is required. “To bring modern security everywhere – to every corner of the fragmented identity infrastructure – security must be delivered as a seamless layer. It cannot be implemented system by system.” This is the viewpoint of Silverfort CEO and co-founder Hed Kovetz.
Roy Akerman, CEO and Co-Founder of Rezonate, added that “to stay ahead of rapidly evolving identity threats, organizations need a single platform that solves this problem holistically, not in silos. Together, we are creating a powerhouse platform uniquely positioned to shape the future of identity security and finally give organizations the solution they need and deserve.”
Addressing Critical Security Gaps
Cybercriminals target identity credentials (i.e., passwords) because they are easy targets. The techniques include brute-force attacks, phishing/social engineering, password-reset services, and insider threats. The loss of credentials would be a less serious problem if identity security was stronger. Many organizations have multiple identity systems and single-purpose security products that provide Identity Threat Detection and Response (ITDR), Privileged Access Management (PAM), and Multi-factor authentication (MFA). This combination does not allow for the visibility and controls organizations require.
Silverfort's platform is designed to address the gaps in identity security. It integrates with existing identity infrastructures. It monitors the access activities of all users and systems to detect and remediate risks. By ingesting and correlating the identity data and searching for anomalous behavior, malicious traffic patterns, and policy violations, a complete view of identity activities is possible. The key to the technology is that by monitoring communications, there is no need for agents or code changes. It provides a window into the activities of systems that are hard to protect, including homegrown and legacy applications, IoT devices, databases, and more. With the purchase of Rezonate, Silverfort will be able to extend its capabilities into the cloud.
Launch and Future Prospects
The holistic identity security platform that will emerge from this acquisition should be launched in the middle of 2025. This platform will offer full visibility into all aspects of identity -- both on-premises, cloud infrastructures, and SaaS applications. The combination of multiple identity security capabilities within one platform will have some ripple effects across the security industry.
The most immediate impact could be advancing the adoption of Zero Trust, which has been growing in usage. Zero trust operates on the premise that you need to assume breach and not trust entities without verification. It relies heavily on identity components, including least privilege enforcement and continuous verification. It also requires visibility by requiring inspection, logging, and analysis of resource requests in order to discover strange behavior and actions. Silverfort’s architecture enables customers to enable identity-based zero-trust security without needing to rebuild their systems. Extending this to the cloud will offer organizations additional reasons to adopt a zero-trust framework.
Artificial intelligence (AI) is changing the way products work. It can improve performance and uncover information humans might miss. Both Silverfort and Rezonate use AI within their solutions. Silverfort has an AI-based automated discovery tool to discover service accounts based on machine-like behavior and uses AI within its risk engine that continuously analyzes authentication activities to detect a wide range of malicious behaviors and threats. Rezonate has “Zoe,” an AI assistant for identity security. Zoe can discover misconfigurations, risks, and over-privileged access.
Other companies within the Identity and Access Management segment will need to assess how they will compete with a platform that offers customers a modern identity-first security solution. Some companies that offer complementary components, such as multi-factor authentication and threat intelligence, will partner with Silverfort. There will probably be additional acquisitions as competitors consolidate to create comprehensive offerings to directly compete with Silverfort.
Final Thoughts
Cybercriminals will continue to target access management systems until organizations embrace identity-first security, which will provide end-to-end visibility, detection, remediation, and orchestration across the full spectrum of computing. To fully defend themselves, organizations need to embrace an identity-centric security position. The adoption of a Zero Trust framework has moved organizations in this direction but they need to fully support a security strategy that emphasizes that identity-based security is the foundational element behind infrastructure protection. The decentralization of assets, uses, and devices across a wide range of environments is forcing a shift in protection mechanisms.
The acquisition of Rezonate by Silverfort is designed to re-invent identity security. It is a combination of bringing together two companies with a common vision, complementary strengths, and innovative technologies. Ultimately, the combined company should offer organizations a holistic solution to satisfy the need for comprehensive identity security. It could drive the whole industry to improve how all forms of identities are secured.
