One Identity adds AI threat response to Manager 10.0

One Identity has released version 10.0 of its Identity Manager software, adding new functions for identity governance and automated responses to identity-based security incidents.

The company said the update adds risk-based governance, identity threat detection and response, and AI-assisted reporting. Identity Manager sits in the identity governance and administration category, which organisations use to manage access rights, approval processes, and auditing.

Risk signals

One Identity said Identity Manager 10.0 can ingest user risk scores from third-party analytics and user and entity behaviour analytics tools. The product can then use those scores inside governance workflows.

The release also adds identity threat detection and response playbooks. One Identity said the playbooks automate remediation actions. It listed actions such as disabling accounts, flagging security incidents, and launching targeted attestation. Attestation is a formal review process that checks whether a person should retain access to systems or data.

Identity-based attacks have remained a focus area for security teams as attackers use compromised credentials, token theft, and phishing to gain access. Vendors in the identity sector have increased their emphasis on automated containment and integration with security operations tooling.

Interface changes

One Identity said the updated release includes a browser-based interface for administration. The company said the interface provides full administrative functionality without a desktop installation.

One Identity also introduced AI-assisted reporting for authorised users. The company said the reporting uses a secure, customer-controlled large language model. Users can query identity data in natural language. One Identity said this approach reduces dependence on SQL queries during audits, reviews, and compliance work.

Security integrations

One Identity said Identity Manager 10.0 includes enhanced compatibility with security information and event management systems. The release uses standards-based Syslog CEF formatting. One Identity said this improves interoperability with security monitoring platforms.

Organisations often use SIEM platforms as a central place for security logging, alerting, and incident response workflows. Identity governance products typically integrate with these tools for visibility into access events, account status changes, and policy breaches.

“One Identity Manager 10.0 is a major upgrade that strengthens identity governance as a critical security component for protecting enterprise environments,” said Praerit Garg, CEO, One Identity.

“Organisations today face relentless identity-driven threats. This release combines a proven governance foundation with intelligence, automation, and usability that help security teams detect risk earlier, take decisive action, and operate at scale with confidence,” said Garg.

One Identity positioned the release as an update for large organisations with complex environments. It said Identity Manager has been used for more than a decade for governing identities at scale.

Intragen by Nomios said the release changes several underlying elements in the platform. The firm works with customers on identity and access management deployments.

“One Identity Manager 10.0 represents a significant change in identity governance for large-scale use,” said Ciro Guariglia, CTO, Intragen by Nomios.

“The platform improves the data model and automation engine, while bringing in a more scalable, policy-driven method for attestations. This change makes large certification campaigns easier to manage, instead of burdening administrators and the system,” said Guariglia.

One Identity said it expects organisations to use the new functions alongside existing governance controls as they update identity programmes across hybrid IT environments.