MSSP, Identity

MSSP Market News: 90% say AI has exposed an identity security gap

(Adobe Stock)

90% of IT leaders believe their identity-management systems need improvement to deal with the risks created by agentic AI, according to an IDC survey sponsored by Commvault. Only 26.7% have dynamic role-based access controls in place for AI and analytics, and just 24.7% have documented and tested their Active Directory and Entra ID recovery capabilities. And nearly 59% said their identity approach needs major changes or a complete overhaul.

That is the core problem. Companies are adding AI agents, service accounts, and machine identities faster than they can manage them. These identities can access sensitive systems and data around the clock, often without the same oversight given to employees. Companies need to know who owns each identity, what it can access, how it is being used, and what happens if it is compromised.

Identity is already becoming one of the biggest conversations in the MSSP market. This week, identity startup Oak emerged from stealth with $60 million in funding to build a platform for governing human, machine, and AI identities. That investment points to where the market is heading. Customers now have a growing number of AI agents, service accounts, and machine identities that need to be identified, controlled, and monitored.

For MSSPs, the job is to find and monitor non-human identities, control what they can access, and help customers recover after an attack. Restoring data is not enough if Active Directory, Entra ID, or AI agent permissions are still compromised.

Market Pulse: Cybersecurity Deals, Funding, and Platform Shifts

Sophos launches Fusion cybersecurity platform: Sophos has launched Fusion, an AI-based cybersecurity system connecting security operations, endpoint, network, identity, email, and cloud protection through one architecture. The platform can bring Sophos and third-party security data into the same environment, giving MSSPs a potential route to consolidate tools and coordinate response across customer environments.

Smarttech247 introduces an agentic SOC for Microsoft Security: MDR provider Smarttech247 has introduced an agentic SOC capability through its VisionX platform for organizations using Microsoft Sentinel, Defender, and Entra. The service uses AI to investigate alerts, gather evidence, and support response, while analysts retain control over containment decisions. Smarttech247 is building its service around Microsoft tools customers may already own, rather than requiring another security stack, which can help providers reduce investigation time and get more value from existing Microsoft licenses.

Vectra AI expands its Endace alliance: Vectra AI has expanded its partnership with Endace, allowing it to sell Endace probes alongside its security and observability platform. The combination connects Vectra’s network detections with Endace’s continuous packet capture, giving analysts access to packet-level evidence when investigating suspicious activity. For MSSPs, this improves alert validation and incident reconstruction, particularly for regulated customers, although storage costs, data retention, and multi-customer management will determine how practical the model is for service providers.

Oak emerges from stealth with $60 million for identity security: Oak emerged from stealth with $60 million in seed funding co-led by Accel, Greylock, and CRV. Its identity platform is designed to discover and govern human, machine and AI-agent identities through a continuously updated control plane spanning cloud, SaaS, on-premises, and custom applications.

Beacon Security raises $13 million for agentic security operations: Beacon Security raised $13 million in seed funding led by Notable Capital to expand its platform for building and running AI agents across cybersecurity workflows. The company is focused on creating a common data and orchestration layer that security teams can use for investigations, threat detection and response. Beacon said it recorded 300% ARR growth during the first half of 2026, suggesting customers are beginning to fund agentic security projects that move beyond isolated AI assistants.

Valarian raises $50 million for sovereign security infrastructure: Valarian raised $50 million in Series A funding led by NEA, bringing its total funding to $70 million. The UK company is developing ACRA, a control layer designed to isolate sensitive workloads and govern how data, infrastructure, and AI systems are accessed across cloud and on-premises environments. The funding reflects growing demand for sovereign security platforms among governments and regulated businesses that want tighter control over where data is stored and who can reach it.


Have news to share or just want to connect? Reach anytime at [email protected].

Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.

You can skip this ad in 5 seconds