One Identity, a trusted leader in identity security, today announces a major upgrade to One Identity Manager, a top-rated IGA solution, strengthening identity governance as a critical security control for modern enterprise environments. 

One Identity Manager 10.0 introduces security-driven capabilities for risk-based governance, identity threat detection and response (ITDR), and AI-assisted insight, helping organizations better anticipate, contain, and manage identity-driven attacks across their complex IT ecosystems. 

For more than a decade, Identity Manager has served as a proven foundation for securing and governing identities at scale across some of the world’s largest and most complex environments. Version 10.0 builds on that foundation with a modernized experience, deeper integrations, and embedded intelligence that gives security teams clear visibility, stronger control, and more efficient execution across governance workflows.  

New capabilities include enhanced risk management integrations that allow organizations to ingest and act on user risk scores from third-party analytics and UEBA tools. Newly introduced ITDR playbooks automate key remediation actions such as disabling accounts, flagging security incidents, and launching targeted attestation. Together, these capabilities help organizations shorten the window between detection and action when identity threats emerge. 

The release also introduces a modern, browser-based interface that delivers full administrative functionality without desktop installation. AI-assisted reporting, powered by a secure, customer-controlled large language model, enables authorized users to query identity data in natural language, reducing reliance on complex SQL and accelerating insights for audits, reviews, and compliance.  

Enhanced SIEM compatibility through standards-based Syslog CEF formatting improves interoperability with modern security monitoring platforms. This helps security teams connect identity governance more seamlessly into broader security operations. 

“One Identity Manager 10.0 is a major upgrade that strengthens identity governance as a critical security component for protecting enterprise environments,” said Praerit Garg, CEO of One Identity. “Organizations today face relentless identity-driven threats. This release combines a proven governance foundation with intelligence, automation, and usability that help security teams detect risk earlier, take decisive action, and operate at scale with confidence.”

“One Identity Manager 10.0 represents a significant change in identity governance for large-scale use,” said Ciro Guariglia, CTO of Intragen by Nomios. “The platform improves the data model and automation engine, while bringing in a more scalable, policy-driven method for attestations. This change makes large certification campaigns easier to manage, instead of burdening administrators and the system.”  

With Identity Manager 10.0, One Identity continues advancing identity security as a central pillar of enterprise defense, helping organizations strengthen protection, reduce exposure, and support secure business operations in complex environments. 

About One Identity 

One Identity delivers trusted identity security for enterprises worldwide to protect and simplify access to digital identities. With flexible deployment options and subscription terms – from self-managed to fully managed – our solutions integrate seamlessly into your identity fabric to strengthen your identity perimeter, protect against breaches and ensure governance and compliance. Trusted by more than 11,000 organizations managing over 500 million identities, One Identity is a leader in identity governance and administration (IGA), privileged access management (PAM), and access management (AM) for security without compromise.

Users can learn more at www.oneidentity.com. 

Contact

Liberty Pike

One Identity LLC

liberty.pike@oneidentity.com

Panorays, a leading provider of third-party security risk management software, has released the 2026 edition of its annual CISO Survey for Third-Party Cyber Risk Management. 

The survey highlights third-party cyber risk as one of the most critical challenges facing security leaders today, driven largely by a lack of visibility. While 60% of CISOs report an increase in third-party security incidents, only 15% say they have full visibility into those risks.

These gaps are compounded by limited resources and technology stacks that weren’t designed to manage dynamic supply-chain threats at scale.

Drawing on responses from 200 CISOs of US-based companies, the 2026 Panorays CISO Survey puts a spotlight on cybersecurity executives’ continuing challenges to shore up software supply chain security, as these efforts are further undermined by resource constraints and tech stacks that fall short. Despite growing adoption, standard Governance, Risk, and Compliance (GRC) platforms have largely failed security teams, leaving them without the ability or confidence needed to effectively address the rising tide of third-party threats. 

Key Findings and Insights

• Preparedness is dangerously low: While 77% of CISOs see third-party risk as a major threat, only 21% have tested crisis response plans in place. This suggests that organizations are increasingly susceptible to prolonged outages, exposure of sensitive systems and financial losses in the event of a security breach, as well as compliance violation penalties. Without a proper response plan in place, even minor incidents have the potential to spiral out of control. 
• Most organizations are blind to vendors: Although 60% report rising third-party breaches, just 41% monitor risk beyond direct suppliers. CISOs face massive observability gaps, as they’re only watching the front door. But the biggest risks are lurking in the background, largely unseen by most security teams.
• Shadow AI is creating new attack paths: Despite rapid AI adoption, only 22% of CISOs have formal vetting processes, leaving unmanaged third-party AI tools embedded in core environments. Teams are adopting black-box AI tools faster than security teams can keep up, with 60% of respondents identifying shadow AI as uniquely risky. This creates a dangerous and growing blind spot for CISOs, as high-risk third-party systems are granted access to IT environments without scrutiny.
• CISOs are dissatisfied with their compliance stacks. The report found that 61% of businesses have invested in GRC software solutions, yet 66% say that these platforms are ineffective in dealing with the dynamic nature of external third-party supply chain risks. As a result, security teams are forced to rely on manual workarounds instead, increasing the likelihood of vulnerabilities being missed. 
• Static security assessments are no longer up to the job. This is a growing consensus among CISOs, with 71% admitting that traditional questionnaires fall short of expectations, creating fatigue instead of visibility into the threat landscape. Fortunately, CISOs are quickly embracing alternatives, with 66% moving on to AI-driven assessment tools.

Left to right: Panorays Co-founders Meir Antar (COO), Matan Or-El (CEO) and Demi Ben-Ari (Chief Strategy Officer)

“Our findings show that third-party security vulnerabilities aren’t going away – in fact, they’re becoming more prevalent due to a dangerous lack of visibility and the rampant adoption of unmanaged AI tools,” said Matan Or-El, founder and CEO of Panorays. “Meanwhile, it’s especially alarming that only 15% of CISOs say they have the ability to map out their entire supply chains.”

“The rise of AI has only made supply chains more complex, and the connected nature of these data-dependent systems is expanding the attack surface,” Or-El continued. “CISOs are increasingly seeing the value of AI-driven solutions to increase clarity around the evolving threat landscape.”  

Visibility Is Being Prioritized, but CISOs’ Hands Remain Tied

The new report found there’s a growing sense of urgency among CISOs due to the failure of traditional GRC platforms to manage third-party risk at scale. Almost two-thirds of organizations have invested in GRC tools, up from just 27% in the 2025 version of Panorays’ report, yet overall visibility has declined, resulting in growing dissatisfaction about the ineffectiveness of these systems. 

Fortunately, there are signs that organizations can close the visibility gap as more CISOs explore the use of advanced, AI-driven tools to improve their security posture. Adoption of AI for third-party risk management has surged, up from 27% a year ago to 66% this year. 

This shift has led to significant, but still alarmingly insufficient, growth in the ability of organizations to properly assess the third-party threat landscape. 

The 2026 survey found that 15% of CISOs now say they have full visibility into their software supply chains, up from just 3% a year ago, but much work remains to be done. While the progress is encouraging, the overall picture remains bleak, as 85% of organizations still lack a complete view of their overall threat landscape. 

About the Survey

The 2026 CISO Survey was conducted in October 2025 by the independent research company Global Surveyz on behalf of Panorays. It’s based on responses from 200 Chief Information Security Officers, all of whom are full-time employees tasked with overseeing third-party cybersecurity risk management within their organizations. The sample included CISOs from the finance, insurance, professional services, technology, healthcare and software development sectors.

About Panorays

Panorays is a global provider of third-party cybersecurity management software. Adopted by leading banking, insurance, financial services, and healthcare organizations, Panorays enables businesses to optimize their defenses for each unique third-party relationship. With personalized and adaptive third-party cyber risk management, Panorays helps businesses stay ahead of emerging threats and delivers actionable remediations with strategic advantages with over 1,000 customers worldwide. The company serves enterprise and mid-market customers primarily in North America, the UK and the EU, Headquartered in New York and Israel, with offices around the world, Panorays is funded by numerous international investors, including Aleph VC, Oak HC/FT, Greenfield Partners, BlueRed Partners (Singapore), StepStone Group, Moneta VC, Imperva Co-Founder Amichai Shulman and former CEO of Palo Alto Networks Lane Bess. For more information, users can visit panorays.com or contact at info@panorays.com.

Contact

PR

Dan Edelstein

InboundJunction

pr@inboundjunction.com