I’m proud to share that BeyondTrust has been recognized as an overall Leader by KuppingerCole Analysts AG in their 2024 Identity Threat Detection and Response (ITDR): IAM Meets the SOC Leadership Compass. This report represents the first time KuppingerCole has published an ITDR report. In addition to being named an Overall ITDR Leader, BeyondTrust is also a Leader in the Innovation, Product, and Market categories.
KuppingerCole defines Identity Threat Detection and Response (ITDR) as... “A class of security solutions designed to proactively detect, investigate, and respond to identity-related threats and vulnerabilities in an organization's IT environment. ITDR solutions focus on protecting digital identities and infrastructure against a variety of attacks by threat actors." KuppingerCole also characterizes ITDR as “identity-defense-in-depth.”
2024 marks the first year KuppingerCole has produced a Leadership Compass Report around ITDR; so, what forces have precipitated this new introduction? The proliferation of identities as a prime attack vector for threat actors seems to be the driving force. In 2023 alone, 90% of organizations experienced at least one identity-related security incident.
Here is what KuppingerCole says regarding why ITDR matters: “ITDR is a crucial component of a comprehensive cybersecurity strategy, as identities have become the primary targets of attackers looking to gain unauthorized access to sensitive systems and information. By focusing on the security of identities, ITDR helps organizations protect against a range of threats, including credential theft, account takeovers, and insider threats.”
BeyondTrust was named an overall “Leader” in the 2024 Identity Threat Detection Response (ITDR): IAM Meets the SOC Leadership Compass. In our opinion, this position recognizes and validates BeyondTrust's robust platform, which not only empowers organizations to proactively harden their identity fabric to minimize the attack surface, but also enables rapid detection and neutralization of attacks. We believe receiving this recognition also reflects our commitment and dedication to our customers, and a deep understanding of evolving market needs.
ITDR – Where the Market Stands, and How it is Poised to Evolve
Identity Threat Detection and Response (ITDR) is becoming a prominent component in the broader cybersecurity landscape, especially as organizations increasingly prioritize identity and access management (IAM) hygiene. The current state of ITDR doubles down on strengthening controls through enhanced discovery and visibility, focusing on key signals, such as multi-factor authentication (MFA) fatigue and session token misuse. By integrating with Security Information and Event Management (SIEM), Security Operations Centers (SOC), and Extended Detection and Response (XDR) systems, ITDR aims to close security gaps, remediate root causes, and enhance overall incident response capabilities. The goal is to ensure robust attack disruption and threat containment by leveraging universal logout features and step-up authentication.
Looking ahead, ITDR is poised to evolve with a stronger focus on preventative controls and hygiene practices. Organizations will be expected to increase IAM maturity by implementing controls across both administrative and runtime environments. This evolution is driven by the need to address the growing complexity and decentralization of IT infrastructures and dissolving of the traditional network perimeter—including cloud environments, where a significant percentage of identities remain underutilized or inactive.
The adoption of cloud infrastructure entitlement management (CIEM) tools will further enhance the tracking and management of entitlement security postures in IaaS, improving the overall security posture through better hygiene practices. As ITDR continues to integrate more advanced analytics and adaptive controls, it will play a critical role in the broader shift towards identity-first security strategies, ensuring continuous and context-aware risk and trust assessments.
Key Takeaways from the 2024 KuppingerCole ITDR Leadership Compass
The ITDR Leadership Compass highlights the dynamics of this emerging market, provides a framework for evaluating ITDR solutions, and offers guidance on how enterprises can select the appropriate technologies for their organizations. To better understand the fundamental principles this report is based on, please refer to KuppingerCole’s Research Methodology.
In the report, KuppingerCole provides detailed evaluations of eight vendors that offer ITDR solutions. Each is placed on a chart recognizing their achievements as a Follower, Challenger, or Leader.
The position of “Overall Leader,” as defined by KuppingerCole, “ranks vendors based on a combined rating, looking at the strength of products/services, the market presence, and the innovation of vendors. Overall Leaders might have slight weaknesses in some areas, but they are typically above average in all areas.”
Any organization named a (Product/Market/Overall) Leader, is defined as: “Products which are exceptionally strong in certain areas."
2024 KuppingerCole ITDR Leadership Compass
KuppingerCole Recognizes BeyondTrust’s ITDR Innovation and Product Strengths
In regard to Identity Threat Detection and Response, KuppingerCole highlights: “BeyondTrust’s approach to ITDR is uniquely platform agnostic, [they are] positioned as a growth-oriented, stable, and innovative company with a strong product suite that emphasizes identity-first security... The platform is well rounded and well-integrated, capable of detecting complex threats and alerting administrators and SOC analysts of in-progress identity attacks."
KuppingerCole also says: “The ITDR solution excels in various categories, including Platform, Account Discovery, User Visibility, Risk Assessment, Event Detection, and Incident Investigation. For example, BeyondTrust identified over 15,000 accounts and associated them with 5,000 identities for one customer, improving visibility and manageability.”
BeyondTrust ITDR Strengths Highlighted in the Report:
- Integration and Deployment Flexibility: Adaptable product with multiple deployment models.
- Research and Threat Monitoring: Maintains a dedicated research team to stay current on detection and response.
- Intelligent Account Management: Merges accounts and establishes service account ownership effectively.
- User-Friendly UI: Guides analysts through incident responses with helpful in-product information.
- Automated Recommendations: Provides incident-type-based automated recommendations.
Global Reach and Financial Stability: Extensive customer base and partner ecosystem, backed by strong financials.
BeyondTrust Product Innovations Illuminate & Protect the Paths to Privilege
We agree with KuppingerCole’s assessment. Over the past couple of years, we at BeyondTrust have made significant advancements in our Privileged Access Management (PAM) and identity security offerings. Our efforts have focused on enhancing our platform, integrating new technologies, and acquiring strategic assets to bolster our capabilities.
We also understand that, in the realm of modern, identity-based threats, attackers are increasingly likely to “log in” rather than “hack in.” As seen in the Okta Support Unit Breach, where an active session token was hijacked by a threat actor. BeyondTrust’s Identity Security Insights was able to detect, remediate, and report the breach to Okta a full 3 weeks before they publicly disclosed the incident.
KuppingerCole recognized this achievement in the report, as well: “BeyondTrust was able to notify Okta of a breach the company discovered based on the platform’s ability to spot token reuse from multiple locations. BeyondTrust also uses its experience and connection to customers to enhance its identification of attacks and its use of rules in the event of a breach. The company refers to their approach as “identity first security”—an apt description of ITDR.”
We at BeyondTrust understand that modern cyber threats are increasingly targeting identities and their access. Our approach focuses on providing comprehensive visibility and control across the entire identity estate. This is why we keep developing our product offerings—to help organizations illuminate and protect the true paths to privilege.
Key Innovations in Recent Years Include:
- Identity Security Insights, which provides security and IT teams with unparalleled visibility into all identities, privileges, and access. This helps identify and remediate overprivileged accounts and suspicious activities, from a single interface.
- Improvements to user experience and automated system creation and access control in cloud environments, through new SQL Database Proxy and Cloud Automation API Scripts.
- The acquisition of Entitle has strengthened our ability to manage just-in-time (JIT) access and modern identity governance and administration (IGA), particularly across cloud environments. This move enhances our PAM and cloud infrastructure entitlement management (CIEM) capabilities.
- Expanded features for managing privileged credentials and enhancing remote access security through our Password Safe and Privileged Remote Access products.
Our leadership in the PAM and identity security space has been consistently recognized by analysts and customers:
- 2023 Gartner® Magic Quadrant™ for Privileged Access Management
- Gartner® Peer Insights™ Customers’ Choice for Remote Desktop Software
- BeyondTrust Named a Leader in 2022 Gartner® Magic Quadrant™ for Privileged Access Management
- KuppingerCole Leadership Compass: Privileged Access Management (2021): BeyondTrust a Leader
Identity-Defense-in-Depth with BeyondTrust
Our focus in identity-first security, and seamless integration with other tool sets, positions BeyondTrust as a leader in the identity security space, driving forward the vision of a more secure digital environment. Through our innovations and strategic moves, we remain committed to providing robust, integrated solutions that address your evolving needs in identity and access security.
“Being named an Overall Leader in the KuppingerCole 2024 ITDR Leadership Compass is a testament to our unwavering commitment to identity security innovation and excellence. Recent advancements, including Identity Security Insights and enhanced cloud capabilities, have been paramount in securing our leadership position and driving growth in this critical market by providing unprecedented visibility and protection to all our customers’ paths to privilege. This recognition highlights our team's dedication to evolving our solutions to an identity-centric approach that provides holistic visibility, simplified management, and intelligent protection to solve our customers’ biggest challenges.“ —Janine Seebeck, CEO, BeyondTrust
Get the KuppingerCole's 2024 Identity Threat Detection and Response (ITDR): IAM Meets the SOC Leadership Compass
Learn about BeyondTrust ITDR solutions
Juli Ballesteros, Director, Analyst Relations
As the Director of Analyst Relations at BeyondTrust, Juli leads the strategy and execution of BeyondTrust's global analyst relations (AR) program, leveraging more than 25 years of high-tech and cybersecurity AR experience. Based in northern Virginia, Juli has two kids and is a proud University of Maryland Dance Team alumna.