Security teams have spent years building guardrails around human logins. Now they have a new problem: bots that look and behave like users.
Silverfort, an identity security company, and SentinelOne, best known for endpoint protection, say they’re teaming up to tackle that shift. The companies announced a strategic partnership aimed at securing not just employees, but also AI agents and other non-human identities (NHIs) that increasingly sit behind automation and autonomous workflows.
The pitch is straightforward: tie identity controls to what’s happening on the device, in the cloud and inside AI-powered apps — then respond fast when something goes sideways. Identity-based attacks are already the main act in many breaches, and adding AI agents into the mix expands the attack surface in a way that doesn’t fit neatly into traditional IAM playbooks.
What the partnership actually does
Silverfort’s focus has been extending identity protection to systems that don’t easily support modern MFA or conditional access (think legacy apps, command-line access and service accounts). SentinelOne brings runtime visibility and response across endpoints and workloads, plus an expanding set of AI security capabilities.
Together, the companies say they’ll deliver “runtime security” across identities, endpoints and cloud workloads — with the goal of detecting and responding to identity misuse in real time. In practical terms, that could mean flagging suspicious authentication behavior, correlating it with activity on an endpoint or workload, and triggering automated response steps before an attacker can move laterally.
The alliance also calls out AI agents explicitly. As organizations experiment with agentic AI that can take actions on their behalf — from pulling data to running scripts — those agents need credentials, permissions and access paths. That’s useful for productivity, but it’s also a tempting target if those identities are over-privileged or poorly monitored.
Why this matters
“Non-human identity” can sound like marketing, but it’s a real operational pain point. Service accounts, API keys, automation bots and now AI agents often end up with broad access because nobody wants workflows to break. Attackers know that, and they increasingly go hunting for credentials that aren’t protected by the same checks humans face.
If Silverfort and SentinelOne can make identity telemetry and runtime detection play nicely together, that could help security teams treat these machine identities with the same skepticism they apply to user logins — and react quickly when something looks off.
Company background: Silverfort builds identity security controls that extend to legacy environments, while SentinelOne offers endpoint and cloud security platforms built around automated detection and response.
