Palo Alto Networks launches Idira for human, machine and AI identities

Palo Alto Networks has launched Idira, an identity security platform designed to manage human, machine and AI-driven identities.

Idira is designed to help enterprises manage growing numbers of privileged human, machine and AI identities from a single platform. The launch comes as a new paper from the International Monetary Fund warns that AI agents capable of executing payments expose gaps in KYC and multifactor authentication.

Palo Alto Networks says the platform extends privileged access management (PAM) controls across human, machine and autonomous AI identities.

The rise of AI is changing the way privilege operates inside modern networks. Machine and AI identities now outnumber human users by 109 to 1, and Palo Alto Networks cites industry data showing that nine in ten organizations experienced an identity‑related breach in the past year.

With attackers increasingly “logging in rather than breaking in,” the company believes that legacy PAM tools are no longer sufficient. Idira aims to close that gap by eliminating standing privileges and applying zero‑standing‑privilege (ZSP) enforcement across every identity.

Idira uses AI to map and surface identity risks, automate governance workflows and provide dynamic access controls that adapt to context. Palo Alto Networks says this approach means the platform can secure the full range of identities operating inside an enterprise.

“By combining the deep expertise of the industry’s original PAM pioneers with the unparalleled scale and speed of Palo Alto Networks, we are providing leaders with the precision and control necessary to govern the entire identity landscape and secure the future of innovation,” said Peretz Regev, chief product and technology officer, Idira, Palo Alto Networks.

The platform includes AI‑driven discovery of entitlements and access paths, just‑in‑time privilege provisioning, and automated policy enforcement across the identity lifecycle. It also introduces protections for agentic and machine identities.

Existing CyberArk SaaS customers will see varying levels of integration depending on their subscription tier. Standard PAM customers will receive discovery and UX improvements, with options to add ZSP and agentic‑identity protections. Enterprise and developer‑focused PAM customers will gain ZSP and discovery features at no additional cost. Workforce access and machine‑identity customers can upgrade to unify their identity‑security posture on the Idira platform.

Palo Alto Networks recently expanded its identity capabilities in Cortex Cloud, which correlates fragmented user accounts into unified identity profiles to identify privilege risks.

By correlating a user’s cloud, SaaS, identity‑provider and on‑prem accounts, teams can spot privilege creep, dormant access and hidden exposure that isolated accounts obscure. By merging fragmented accounts into one profile, Cortex Cloud shows which human identities create the greatest combined risk and where to act first.

Identity attacks rising globally

Identity has pushed past the traditional network perimeter as the primary battleground in cybersecurity, according to a new global survey of 5,000 IT and security leaders across 17 countries.

As cloud adoption and AI accelerate the creation of both human and machine identities, the Sophos “The State of Identity Security 2026” report found 71 percent of organizations suffered at least one identity‑related breach in the past year.

The research shows identity attacks are now routine rather than exceptional, with affected organizations experiencing an average of three incidents annually. Geographically, Switzerland reported the highest breach rate at 89 percent, with Mexico (83.3 percent) and Italy (80 percent) and Australia (79.7 percent) and India (76.8 percent) rounding out the top five. Germany was the least breached at 62.6 percent, showing that rates are still fairly high.

The energy and utilities sector topped industry rankings at 80 percent, followed by the central and federal government at 78.4 percent. Construction and property; manufacturing and production; and retail accounted for the top five most-breached industries.

A major finding is the growing link between identity compromise and ransomware. Two‑thirds of ransomware victims said their attack stemmed directly from their most significant identity breach, showing how one compromised credential can lead to a full operational shutdown.

The report highlights the rising risk posed by non‑human identities such as API keys, service accounts and AI agents, which now outnumber human identities by as much as 100 to one. Mismanaged machine identities contributed to 41 percent of successful breaches, yet only a third of organizations regularly audit or rotate them.

The financial impact is substantial. The average cost of an identity breach reached $1.64 million, with smaller organizations nearly twice as likely to miss early signs of an attack.

Researchers warn that identity security must now be treated as an ongoing operational discipline. They recommend universal MFA, Zero Trust architectures and stronger governance over both human and machine identities to counter the growing threat.

The full State of Identity Security 2026: Identity is the new perimeter report includes sector‑specific data and detailed recommendations.

Article Topics

AI agents  |  CyberArk  |  cybersecurity  |  identity access management (IAM)  |  identity security  |  non-human identities  |  Palo Alto Networks