Okta announced that it has signed a definitive agreement to acquire Axiom Security, a modern, identity-centric Privileged Access Management (PAM) solution built for cloud, SaaS, and database environments.

Axiom’s technology will be integrated into Okta Privileged Access expanding access controls to more sensitive resources that Okta customers can use to further strengthen their identity security fabric, so they can manage the types of privileged access across resources and use cases in their environment. As more enterprises bring AI into their workforces, privileged access controls are a key defense layer to properly mitigate AI-related risks.

This acquisition will help Okta customers extend their identity security fabric to more privileged accounts and resources, ensuring a single control plane for managing privileged access, whether on-prem or in the cloud.

Founded by Itay Mesika and Ilan Dardik in Tel Aviv, Israel, Axiom Security delivers a cloud-native, identity-centric PAM platform that helps organisations eliminate standing privileges and secure access to critical infrastructure with Just-in-Time (JIT) access, automated request and approval workflows, and user access reviews. Axiom’s core belief—that access should be secure by default without slowing down business productivity—aligns perfectly with Okta’s vision to free everyone to safely use any technology as the world’s leading independent identity partner.

Elevating Okta Privileged Access with Axiom Security

Okta Privileged Access today provides unified access and governance for privileged resources, whether on-prem or in the cloud, increasing visibility and compliance without compromising user experience. It streamlines access to servers and non-federated accounts, provides a secure vault, and seamlessly integrates with governance workflows to help ensure accountability.

Axiom Security elevates Okta’s current PAM product to solve for even more use cases, adding security controls and connectors to critical infrastructure resources, such as databases and Kubernetes.

In the coming months, Okta Privileged Access will incorporate key Axiom functionality to deliver:

Unified control: A single point of administration for privileged access across all privileged resources, from both on-premises and multi-cloud infrastructure.

Just-in-Time access: A crucial capability that eliminates standing privileges and provides time-limited access when needed. This approach reduces operational overhead and risks by automating permissions for elevated access to environments like GitHub, Snowflake, PostgreSQL, Amazon EKS, and others.

More connectors: Leverage AI to provide more coverage in customer environments with an AI-based application connector builder capability.

Deep coverage: Axiom Security extends Okta’s ability to secure access to Kubernetes and databases, ensuring least-privileged access and full traceability for auditing and compliance.

Okta Privileged Access will continue to be Okta’s PAM solution, and is available globally, except in compliance cells, like HIPAA and FedRAMP.

The security risks in an AI era demand an identity security fabric

Only 10% of respondents in a recent Okta survey said their organisation has a well-developed strategy or roadmap for managing non-human identities (NHIs). In today’s dynamic cloud environment, manually managing these permissions can quickly become chaotic, leading to significant security risks, compliance gaps, and operational inefficiencies.

And with the introduction of a common NHI – AI agents – into the enterprise, businesses are struggling to ensure there is still visibility, security, and governance for these unique privileged account types. Outdated or traditional PAM platforms that aren’t built with the flexibility and neutrality needed to manage permissions for the non-human workforce will lead to greater security risks.

This is one of the many reasons organisations need to deploy an identity security fabric—an architecture designed to help organisations manage all types of identities across all resources and all use cases. The Okta Platform brings the identity security fabric to life and provides organisations with the centralised control and visibility crucial to defending against modern cyberattacks. By investing in the Okta Platform, organisations can build their own identity security fabric designed for end-to-end protection for every identity type, every identity use case, and every resource type.

Okta is excited to grow its Privileged Access capabilities and provide more solutions to its customers. The company also expressed enthusiasm in welcoming the talented Axiom Security team to Okta. The acquisition is anticipated to close in September, with more details to be shared in the coming months.