For years, identity governance and administration (IGA) has lived in an uncomfortable middle ground—essential for compliance, but often disconnected from real-time security operations. One Identity’s latest release aims to change that equation.
With One Identity Manager 10.0, the company is positioning identity governance as an active, security-driven control rather than a back-office necessity. The upgrade introduces risk-based governance, identity threat detection and response (ITDR), and AI-assisted insights, reflecting a broader industry shift: identity is no longer just about who has access, but about how quickly organizations can detect and respond when that access becomes a liability.
In modern enterprises—where hybrid IT, SaaS sprawl, and machine identities are the norm—this evolution feels less like a feature refresh and more like a strategic realignment.
Identity Governance Grows Teeth
One Identity Manager has long been a heavyweight in large, complex environments, particularly where scale and regulatory pressure collide. Version 10.0 builds on that foundation, but with a noticeably sharper security focus.
The biggest change is how identity governance now plugs directly into risk signals. The platform can ingest user risk scores from third-party analytics and UEBA tools, allowing governance decisions to reflect real-world threat context rather than static policy alone. In practice, that means access reviews and remediation actions can be triggered by suspicious behavior, not just calendar-driven audits.
This shift mirrors what’s happening across cybersecurity: controls are moving closer to real-time detection and response. Identity governance, once measured in weeks or months, is being pulled into the same operational tempo as SOC workflows.
ITDR Moves From Concept to Execution
Identity Threat Detection and Response has been a buzzword for the past couple of years, often discussed but unevenly implemented. One Identity Manager 10.0 takes a more pragmatic approach by embedding ITDR playbooks directly into governance workflows.
These playbooks automate high-impact actions such as disabling compromised accounts, flagging incidents for investigation, and launching targeted attestations. The goal is simple but powerful—shorten the gap between detection and action, which remains one of the most dangerous windows in identity-driven attacks.
Compared to traditional IGA platforms that rely heavily on manual intervention, this automation brings identity governance closer to endpoint and network security tooling. It also reduces dependency on human escalation paths, which are notoriously slow during active incidents.
A Modern Interface for a Historically Heavy Platform
Large-scale IGA systems aren’t known for elegance, and One Identity Manager has historically prioritized depth over accessibility. Version 10.0 makes a notable move toward usability with a fully browser-based administrative interface.
The new UI delivers full administrative functionality without requiring desktop installation—a practical but meaningful improvement for distributed teams and managed service providers. For organizations running identity governance across regions and business units, this lowers operational friction and speeds up onboarding.
It’s a reminder that usability isn’t just a convenience feature; in security tools, it often determines whether controls are used consistently or bypassed entirely.
AI-Assisted Insight—Without Handing Over the Keys
AI is everywhere in security marketing, but One Identity’s approach here is relatively restrained—and that may be its strength.
AI-assisted reporting allows authorized users to query identity data using natural language, reducing reliance on complex SQL queries. For audit teams, compliance officers, and security analysts, this can significantly speed up investigations and reviews.
Crucially, the AI model is secure and customer-controlled, addressing one of the biggest concerns enterprises have with generative AI: data exposure. Rather than shipping sensitive identity data off to an opaque external service, One Identity is positioning AI as an internal accelerator, not a risk multiplier.
This puts the feature closer to an analyst productivity tool than an autonomous decision-maker—a distinction many CISOs will appreciate.
Stronger Hooks Into the SOC
Another under-the-hood improvement is enhanced SIEM compatibility through standards-based Syslog CEF formatting. While not flashy, this matters.
Identity data is only as valuable as its integration into broader security operations. By improving interoperability with modern SIEM platforms, One Identity Manager 10.0 makes it easier to correlate governance events with logs from endpoints, networks, and cloud services.
The result is a more cohesive security picture, where identity governance isn’t siloed but contributes directly to detection, investigation, and response workflows.
Designed for Scale, Not Just Features
Third-party validation underscores the release’s focus on large environments. According to Ciro Guariglia, CTO of Intragen by Nomios, the changes go beyond surface-level enhancements.
Improvements to the data model, automation engine, and policy-driven attestations aim to make massive certification campaigns easier to manage—an area where many IGA tools struggle. At enterprise scale, even small inefficiencies can turn access reviews into operational nightmares.
By reducing administrative burden, One Identity is addressing one of the quiet pain points that often limits how aggressively organizations enforce governance policies.
Why This Release Matters Now
The timing of One Identity Manager 10.0 is telling. Identity-driven attacks—credential abuse, privilege escalation, lateral movement—remain among the most effective techniques used by adversaries. At the same time, enterprises are under pressure to prove compliance, resilience, and security maturity to regulators and customers alike.
This release reflects a growing consensus: identity governance can’t remain passive. It must participate directly in threat detection and response, or it risks becoming irrelevant in high-speed attack scenarios.
While rivals in the IGA and identity security space are also pushing toward ITDR and AI-assisted workflows, One Identity’s strength lies in its installed base and experience with complex deployments. The challenge will be execution—ensuring these new capabilities deliver real-world speed and clarity, not just additional configuration options.
Identity Governance as a Frontline Control
With One Identity Manager 10.0, identity governance steps out of the audit cycle and into the security stack. It’s no longer just about proving who had access last quarter, but about deciding—quickly—who should have access right now.
For enterprises wrestling with scale, complexity, and relentless identity threats, that shift could be the difference between containment and compromise.