The enterprise security landscape has reached an inflection point. As organizations accelerate adoption of cloud, automation and artificial intelligence, identity has become the primary attack surface of the modern enterprise. Not because defenses have weakened, but because identities have multiplied and now operate continuously at machine speed, often with elevated access.
When attackers succeed today, it almost always starts with identity. Identity is now the number one attack vector. Eighty-seven percent of organizations experienced at least two successful, identity-centric breaches in the past 12 months. These breaches can lead to outages, regulatory exposure, financial loss and reputational damage.
This reality is why today marks such a pivotal moment. CyberArk is officially joining Palo Alto Networks. This step reflects a shared conviction that identity security is no longer a supporting function. To stay ahead of modern attackers, organizations need best-in-class identity security that is deeply integrated into their broader security strategy.
The Reality of the Modern Identity Attack Surface
For years, identity security focused on a relatively small population of human users, administrators and periodic access reviews. That model no longer matches reality.
Today’s enterprises depend on vast numbers of machine identities, including workloads, services, APIs and increasingly, autonomous AI agents. Machine identities now outnumber human identities by more than 80 to 1, while 75 percent of organizations acknowledge that their human identities are governed by outdated, overly permissive privileged models.
Attackers have adapted. Rather than breaking in through vulnerabilities, they increasingly log in using stolen credentials or by exploiting excessive, poorly governed access. Identity-based attacks have become the dominant breach vector because identity sprawl and standing privilege create opportunities that are difficult to detect with traditional tools.
Yet many identity programs remain fragmented. Access management, privileged access and governance often operate in silos, with delayed visibility and manual processes. Risk accumulates silently between reviews, leaving security teams reacting after the fact.
This is the problem CyberArk was built to solve.
Why Identity Security Must Be Continuous
Securing identities in this environment requires a fundamentally different approach. Identity risk changes constantly as new identities are created, permissions shift and systems scale dynamically. Controls must operate continuously, not episodically.
This means three things:
First, organizations need real-time visibility into who or what has access to critical systems across human, machine and AI identities.
Second, privilege must be applied dynamically. Access should be granted only when needed and removed automatically when it is no longer required. Standing privilege should be the exception, not the norm.
Third, governance must evolve from periodic compliance exercises to continuous enforcement that adapts as environments change.
This is the identity security vision that has guided CyberArk for decades and why joining Palo Alto Networks is such a natural next step.
Elevating Identity to a Core Platform
As part of Palo Alto Networks, CyberArk elevates identity security to a core platform pillar.
CyberArk’s Identity Security Platform is proven at enterprise scale and trusted to protect some of the world’s most critical environments. Our approach extends privileged access principles beyond a narrow set of administrators to every identity that matters.
By treating every identity as potentially privileged, organizations can dramatically reduce their attack surface. Excessive access is identified. Unnecessary privilege is removed. Attackers lose the ability to move laterally by using stolen credentials.
Elevating identity security to a platform level also enables tighter alignment with network security, cloud security and security operations. Identity becomes a powerful control plane that informs policy enforcement, detection and response across the enterprise, delivering a more complete and actionable view of risk.
Securing the AI-Driven Enterprise
This shift is especially critical as organizations deploy AI-driven systems and autonomous agents.
These systems often require persistent access to sensitive data and infrastructure, making them attractive targets for attackers and difficult to govern with legacy identity models. Most enterprises today lack effective identity security controls for machine and AI-driven systems, leaving these identities overprivileged and undergoverned.
Applying privileged access principles universally enables organizations to secure AI-driven environments without slowing innovation. Identity security becomes the trust layer that allows enterprises to scale AI responsibly, ensuring access is controlled, monitored and adjusted dynamically as systems evolve.
What This Means for Customers
For customers, elevating identity security to a core platform delivers tangible outcomes.
Organizations gain clearer insight into identity access and risk across human, machine and agentic identities. They gain stronger protection against credential-based attacks by limiting excessive privilege and reducing the paths that attackers rely on to move undetected. They also gain operational simplicity by replacing fragmented tools and manual governance with consistent, scalable controls.
Most importantly, customers gain confidence. Confidence to adopt cloud, automation and AI, knowing that identity risk is governed continuously. Confidence that security can keep pace with change rather than reacting after the fact.
Moving Forward
CyberArk’s Identity Security solutions will continue to be available as a standalone platform. Customers can rely on the solutions they trust today while benefiting from an accelerated roadmap focused on resilience, simplicity and improved security outcomes.
At the same time, integration is underway to bring CyberArk’s best-in-class identity security capabilities more deeply into the Palo Alto Networks security ecosystem. Our priority is to listen closely to customers, meet their immediate needs, and build the path forward together.
The AI era is redefining how enterprises operate and how attackers operate alongside them. Securing every identity, human, machine and AI agent is no longer optional. It is foundational.
By bringing CyberArk into Palo Alto Networks, we are taking a decisive step toward redefining identity security for the modern enterprise and helping our customers stay secure as they innovate at speed.