Cybersecurity Vendors Shift Toward Identity-Centric Models
The cybersecurity landscape has undergone a massive shift. In the old days, security was about building a “fortress” around an office (the perimeter). But with the rise of remote work and cloud services, that perimeter has dissolved.
Today, identity is the new perimeter. Vendors are shifting away from protecting “where you are” (the network) to “who you are” (the identity).
Why the Shift?
Traditional firewalls can’t stop a hacker who has stolen a legitimate employee’s password. Identity-centric security assumes that the network is already compromised, so it verifies every single access request based on the user’s identity, device health, and behavior.
1. Adaptive Risk-Based Authentication
Vendors are moving beyond simple passwords. New models analyze context before granting access.
- The Concept: If you log in from your usual laptop in New York at 9:00 AM, you get right in. If you suddenly try to log in from a new device in a different country ten minutes later, the system blocks you or demands extra verification.
- Example: Okta and Microsoft Entra ID use machine learning to assign a “risk score” to every login attempt in real time.
2. Zero Trust Network Access (ZTNA)
Traditional VPNs give users keys to the whole “house.” ZTNA gives them keys only to a specific “cabinet.”
- The Concept: Access is never permanent. It is granted on a per-session basis and only for the specific application the user needs.
- Example: Zscaler and Cloudflare have moved toward ZTNA models where the “identity” of the user determines which private apps are even visible to them, hiding the rest of the network entirely.
3. Identity Threat Detection and Response (ITDR)
Since identity is the primary target, vendors are building specific tools to “hunt” for identity-based attacks like credential stuffing or privilege escalation.
- The Concept: Monitoring how identities behave to catch a “wolf in sheep’s clothing.”
- Example: CrowdStrike (traditionally an antivirus/endpoint vendor) acquired Preempt Security to integrate identity monitoring. They now look for “impossible travel” or unusual service account usage as signs of a breach.
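The “impossible travel” signal above, combined with the new-device scenario from section 1, can be sketched as follows. This is an added example, not code from any vendor named here; the speed ceiling, the distance floor, and the rule that one signal means step-up and two mean block are assumptions for illustration.

```python
from collections import namedtuple
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

MAX_KMH = 900.0  # assumed ceiling, roughly airliner cruise speed
MIN_KM = 50.0    # assumed floor, so GeoIP jitter is not treated as travel
Login = namedtuple("Login", "user when lat lon device")  # "when" is UTC

def km_between(a, b):
    """Great-circle (haversine) distance between two logins, in km."""
    dlat, dlon = radians(b.lat - a.lat), radians(b.lon - a.lon)
    h = sin(dlat / 2) ** 2 + cos(radians(a.lat)) * cos(radians(b.lat)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def assess(events):
    """Return (login, decision, reasons) per event, processed in time order."""
    last, known, out = {}, {}, []
    for e in sorted(events, key=lambda x: x.when):
        reasons, prev = [], last.get(e.user)
        devices = known.setdefault(e.user, set())
        if prev is not None:  # first sighting of a user only sets the baseline
            km = km_between(prev, e)
            hours = (e.when - prev.when).total_seconds() / 3600
            if km > MIN_KM and (hours <= 0 or km / hours > MAX_KMH):
                reasons.append("impossible_travel")
            if e.device not in devices:
                reasons.append("new_device")
        decision = "block" if len(reasons) == 2 else "step_up" if reasons else "allow"
        if decision != "block":  # assumes step-up succeeded; blocks never move the baseline
            last[e.user] = e
            devices.add(e.device)
        out.append((e, decision, reasons))
    return out

NY, LON = (40.71, -74.01), (51.51, -0.13)
def at(h, m):
    return datetime(2025, 1, 6, h, m)
SAMPLE = [  # constructed events, not real log data
    Login("alice", at(9, 0), *NY, "laptop-1"),
    Login("alice", at(9, 10), *LON, "phone-9"),   # ten minutes later, another country
    Login("alice", at(13, 0), *NY, "laptop-1"),
    Login("bob", at(9, 0), *NY, "laptop-2"),
    Login("bob", at(18, 0), *LON, "laptop-2"),    # nine hours: a plausible flight
    Login("bob", at(18, 30), *LON, "tablet-3"),
]

if __name__ == "__main__":
    for e, decision, reasons in assess(SAMPLE):
        print(e.user, e.when.time(), e.device, decision, reasons)
```

Because a blocked attempt never becomes the baseline, alice's 13:00 login from New York is compared against her 09:00 login and allowed, rather than being flagged as "travel" back from London.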
4. Convergence: The “Identity Fabric”
Large vendors are trying to create a unified “fabric” where identity, endpoint security, and cloud security all talk to each other.
- The Concept: Instead of five different security tools, one identity-centric platform manages everything.
- Example: Cisco has pivoted heavily into this space with “Cisco Security Cloud,” integrating Duo (identity) with their network hardware to ensure that only verified identities can touch their switches and routers.
Summary of the Transition
| Feature | Legacy Network-Centric | Modern Identity-Centric |
|---|---|---|
| Focus | Protecting the IP address/Network | Protecting the User/Entity |
| Trust Model | Trust anyone inside the office | Trust no one; verify everyone |
| Access | Broad (once you’re in, you’re in) | Granular (only what you need) |
| Primary Tool | Firewalls and VPNs | IAM, MFA, and ZTNA |