🔐 SailPoint ISC – September 2025 Highlights
SailPoint ISC now supports application identity subtypes under machine identities, along with multiple owner assignments to reduce orphaned accounts and improve succession planning.
Admins can now securely execute PowerShell scripts in Windows Server actions within ISC Workflows — without requiring standing admin rights.
The AIC now visualizes entitlement, role, and profile relationships — improving access governance transparency and oversight.
ISC now allows credential/config storage directly within workflows — starting with AD/Windows Server integrations — eliminating the need for a credential provider.
🔐 CyberArk – September 2025 Highlights
CyberArk disclosed a high-severity vulnerability in Secrets Manager – Self-Hosted (Conjur Enterprise), potentially enabling remote code execution. Patch versions 13.5.3 and 13.6.3 have been released.
Effective 1st November 2025, all Defender, Sentry, Guardian, and CDE certifications must be taken in-person at PearsonVue. Virtual exams only allowed until 31 October.
Omer Grossman is now Chief Trust Officer & Head of CYBR Unit; Ariel Pisetzky is named CIO. This marks a strategic move to strengthen global trust and leadership.
CyberArk was named a Leader & Outperformer for enterprise password management, praised for SSO/MFA integration, session security, and risk-based access.
🌐 StrongDM – September 2025 Highlights
StrongDM now supports secure proxying to internal Kubernetes workloads via Custom TCP, enabling access to private endpoints and non-standard ports.
Terraform can now manage grants for more resource types like Kubernetes and SSH. This enhances automation and RBAC enforcement at scale.
Credential injection now includes an "Audit-Only" mode for logging access events without executing actions — ideal for dry runs and policy validation.
Strong Vault can now set expiry dates on TLS certs, with automated rotation or alerting on expiry — reducing risk from forgotten credentials.
🔐 SailPoint ISC – September 2025 Highlights
SailPoint ISC now supports application identity subtypes under machine identities, along with multiple owner assignments to reduce orphaned accounts and improve succession planning.
Admins can now securely execute PowerShell scripts in Windows Server actions within ISC Workflows — without requiring standing admin rights.
The AIC now visualizes entitlement, role, and profile relationships — improving access governance transparency and oversight.
ISC now allows credential/config storage directly within workflows — starting with AD/Windows Server integrations — eliminating the need for a credential provider.
🔐 CyberArk – September 2025 Highlights
CyberArk disclosed a high-severity vulnerability in Secrets Manager – Self-Hosted (Conjur Enterprise), potentially enabling remote code execution. Patch versions 13.5.3 and 13.6.3 have been released.
Effective 1st November 2025, all Defender, Sentry, Guardian, and CDE certifications must be taken in-person at PearsonVue. Virtual exams only allowed until 31 October.
Omer Grossman is now Chief Trust Officer & Head of CYBR Unit; Ariel Pisetzky is named CIO. This marks a strategic move to strengthen global trust and leadership.
CyberArk was named a Leader & Outperformer for enterprise password management, praised for SSO/MFA integration, session security, and risk-based access.
🌐 StrongDM – September 2025 Highlights
StrongDM now supports secure proxying to internal Kubernetes workloads via Custom TCP, enabling access to private endpoints and non-standard ports.
Terraform can now manage grants for more resource types like Kubernetes and SSH. This enhances automation and RBAC enforcement at scale.
Credential injection now includes an "Audit-Only" mode for logging access events without executing actions — ideal for dry runs and policy validation.
Strong Vault can now set expiry dates on TLS certs, with automated rotation or alerting on expiry — reducing risk from forgotten credentials.
https://www.thirdwaveidentity.com
https://www.thirdwaveidentity.com
Start writing here...