Silverfort has built its reputation on runtime identity protection, securing access decisions as they happen. That has become more important as cloud, generative AI, and agentic AI expand the number of identities inside organizations, giving attackers more ways to exploit identity gaps.
The
growth of non-human identities (NHIs) – attached to machines, AI agents, software, bots, services, and the like – is rapidly outpacing that of human identities, and NHIs by their nature can’t be protected by traditional security tools.
Last month, Silverfort announced a
strategic partnership with cybersecurity vendor
SentinelOne to advance runtime security for human and non-human identities. The company also announced that it is bringing its technology to Agent Gateway, part of
Google Cloud’s new
Gemini Enterprise Agent Platform.
Sandwiched between the two announcements was another one, in which Silverfort acquired startup
Fabrix Security, a move that
Ben Goodman, vice president of strategic alliances for the company, told MSSP Alert will “close the gap in identity security between decision-making and enforcement.”
Shift Toward Dynamic Decision-Making
“Silverfort has always focused on enforcing controls in line, at the point of authentication and access,” Goodman said. “Fabrix brings an AI-native decisioning engine that understands identity context in real time, including who or what is accessing, what they’re trying to do, and whether that behavior makes sense. It’s powered by an identity knowledge graph that connects permissions, activity, and context to drive more accurate decisions.”
The combination “enables a shift away from decisions that are made ahead of time and enforced later toward a model where decisions can be made dynamically at runtime and enforced immediately in the same flow,” he said.
Securing NHIs
NHIs have become a key security concern for organizations and MSSPs alike. It’s not just the skyrocketing numbers of non-human identities that are being created that are generating worry, Goodman said.
“It’s that these identities are now being used dynamically by APIs, service accounts, and AI agents that act autonomously,” he said. “Traditional identity models weren’t built for that. They still rely on static controls defined upfront, while access is being used in real time across hybrid systems. That creates a fundamental gap between how access is granted and how it’s actually used.”
Silverfort's RAP
The Silverfort Identity Security platform includes the vendor’s Runtime Access Protection (RAP) technology, which integrates with a user’s entire identity access management (IAM) infrastructure. It analyzes every authentication, enforces controls and policies, and extends protection to NHIs. The company says it is being used by more than 1,000 organizations, many in the Fortune 100.
Fabrix was founded last year, raising $8 million in seed money. It offers an AI-native security platform that helps organization faster and more accurate decisions around access by both human and NHIs. Its identity knowledge graph maps all identities and permissions across SaaS, cloud, and on-premises environments, providing a unified view to detect risks, over-privileged accounts, and unused permissions. It includes context-aware AI agents to evaluate everything from access authorization to just-in-time access requests.
Like Silverfort’s platform, Fabrix’s is designed for runtime environments, addressing the speed needed for the agentic AI era.
Identity Environments are Changing
“This is important because identity environments have fundamentally changed,” Goodman said. “Identities are dynamic, interconnected, and increasingly autonomous, and the real risk is no longer just who has access, but how that access is used in real time. At this level of scale and complexity, manual policy creation and static controls break down. Bringing AI-driven decisioning together with real-time enforcement is what allows security to keep pace with how access is actually being used.”
Silverfort last year released
Insecurity in the Shadows: New Data on the Hidden Risks of Non-Human Identities, a report detailing the challenges organizations and MSSPs face when trying to find and secure NHIs. There are more of them than human identities – Silverfort puts the ratio at 50:1, though others have it at 80:1 or more. That said, there are other security issues, including that 40% of cloud NHIs don’t have an owner, only 5.7% of organizations can accurately inventory all the NHIs in their environments, and 56% of organizations unknowingly sync their services accounts to SaaS directories, which increases the attack surface.
“The evidence is clear: NHIs are everywhere, they have elevated access, and they’re largely invisible to traditional security controls,”
Leonie Fraser, Silverfort’s senior marketing manager,
wrote in a blog post at the time. “As attackers increasingly exploit this blind spot, organizations must act quickly to secure their non-human identity landscape.”
Scaling MSSP Services
This warning is also aimed at MSSPs and MSPs. Their roles are shifting from observing identity activity to actively controlling it, Goodman said.
“Most services today are built around detection and response, but when attackers use valid credentials, detection alone isn’t enough. By the time something is flagged, the action has already happened,” he said. “With Silverfort and Fabrix, providers will be able to move closer to where risk occurs by applying real-time decisioning and enforcement as access is used. This will allow them to challenge or limit risky behavior in the moment, without requiring customers to replace their existing identity infrastructure, adding a preventative layer on top of what’s already in place.”
It also changes how such services scale, he said, adding that managing identity risk manually across multiple clients falls apart as NHIs and AI-driven identities grow. Goodman added that “AI-driven decisioning, combined with consistent runtime enforcement, will allow providers to apply controls across environments while still adapting to each customer’s context, shifting the model from reactive monitoring to proactive control.”