The management of digital identities is currently undergoing rapid transformation. As hybrid and multi-cloud environments become increasingly complex, the rise of artificial intelligence and the proliferation of non-human agents requiring constant access to critical systems further complicate the landscape. In this context, Ping Identity has announced the integration of Just-in-time (JIT) Privileged Access capabilities into its platform, strengthening what the company calls its “identity trifecta”: Access Management (AM), Identity Governance and Administration (IGA), and Privileged Access Management (PAM).
This development represents a significant step in the evolution of centralized identity management solutions. According to the company, the new approach aims to provide a modern alternative to traditional PAM methods based on password vaults, which struggle to keep pace with permissions in the cloud and emerging business dynamics.
Peter Barker, Ping Identity’s Chief Product Officer, emphasized:
“By adding PAM, we’re empowering organizations to adopt just-in-time privileged access and address a broader set of identity and security challenges—all within a unified platform.”
A shift toward automation and zero trust
The new PingOne Privilege enables users to request temporary and contextual access to cloud environments (AWS, Azure, GCP), on-premises servers, databases, or Kubernetes clusters, following best practices of zero trust. Its key features include:
- JIT privileged access: On-demand temporary sessions that reduce the risk associated with permanent credentials.
- Passwordless access: Authentication via certificates and Trusted Platform Module (TPM) instead of SSH keys or static passwords.
- Compliance: Session recordings and audit trails that meet standards such as SOX, GDPR, HIPAA, and PCI-DSS.
- Hybrid support: Granular control over multi-cloud infrastructures and Kubernetes with adaptive policies in real-time.
This initiative is backed by the recent acquisition of Procyon, a cloud-native startup founded in 2021, designed for DevOps workflows and aimed at simplifying privileged access in hybrid environments.
A strategic vision: identity as a single foundation
Andre Durand, CEO and founder of Ping Identity, took the announcement further:
“We are at a critical inflection point where AI is reshaping the landscape and eroding trust. Ping is now uniquely positioned to equip organizations with next-generation privileged access capabilities, securing the entire spectrum of identities from one trusted platform.”
With this move, Ping aligns with the broader trend of converging identity controls, already driven by competitors like CrowdStrike (with its Falcon Next-Gen Identity Security, introduced last week) and Microsoft Entra. The key difference lies in their focus: while CrowdStrike emphasizes protection for AI agents and non-human accounts through detection and response, Ping aims to unify access and privilege management into a single stack with a strong emphasis on governance.
Comparing with competitors: two approaches to the same challenge
- CrowdStrike Falcon Next-Gen Identity Security: Native security focus encompassing human, non-human, and AI agent identities, enhanced with AI-driven real-time detection.
- Ping Identity Platform with PingOne Privilege: Centers on centralized management offering on-demand privileged access, passwordless authentication, and regulatory compliance, leveraging integration with AM and IGA.
Both approaches signal a paradigm shift: traditional PAM based on vaults is now obsolete. The future points toward ephemeral, passwordless identities governed by adaptive policies and managed through unified platforms.
Risks and context: AI bubble impacting identity
Ping’s announcement also sparks a broader debate on the AI and cybersecurity investment bubble. The race to secure identities amid autonomous agents and multi-cloud environments is fueling an influx of acquisitions and developments that may risk creating the very fragmentation and complexity they aim to mitigate.
While Ping promotes unification under a single umbrella, analysts warn that complete convergence remains distant. Regulators’ increasing demands (GDPR, DORA, NIS2) and the need to manage identities at a global scale across hybrid environments could challenge even well-established platforms.
Frequently Asked Questions (FAQ)
1. What is just-in-time (JIT) privileged access?
A model where users obtain temporary, controlled permissions to access critical resources, reducing the risk associated with permanently compromised credentials.
2. How does PingOne Privilege differ from traditional PAM?
Unlike vault-based systems, PingOne offers passwordless access, integrated auditing, and granular control across multi-cloud and Kubernetes environments.
3. How does Ping compare to CrowdStrike or Microsoft?
While CrowdStrike focuses on disrupting identity attacks—including AI agents—Ping consolidates access and privilege management with governance as an integrated platform.
4. What role does AI play in this landscape?
AI increases the number of identities and non-human agents in circulation. Both Ping and CrowdStrike are seeking to proactively address this challenge by providing adaptive controls that minimize attack surfaces.