GigaOm Radar for Identity Threat Detection and Response (ITDR) v1.0

Table of Contents

  1. Executive Summary
  2. Market Categories and Deployment Types
  3. Decision Criteria Comparison
  4. GigaOm Radar
  5. Solution Insights
  6. Analyst’s Outlook
  7. About Paul Stringfellow

1. Executive Summary

Identity is an essential part of any organization’s IT infrastructure, acting as the means to control access to the applications and data that hold their most critical business information.

Because identity and associated credentials, whether human or machine, enable access and privileges, gaining control of them is a priority for bad actors, leading to ever more sophisticated attempts to steal them and making it increasingly difficult to identify and stop these attacks. This is a challenge that has only grown in the cloud era. With more potential platforms to attack and gain access to, the attacker’s job has become easier while the defender’s has become more complex.

The frequency and complexity of attacks mean that a more proactive approach to defense is required, one that can identify and mitigate potential threats autonomously, accurately, and more quickly than human security teams. Identity threat detection and response (ITDR) solutions have thus been developed to meet the challenge. These systems use broad telemetry, large-scale analytics, and intelligence to identify threats and automate the response to them to quickly and accurately reduce risk.

ITDR solutions use a combination of security tools, processes, and best practices to effectively detect and respond to identity-related threats, such as credential theft, privilege misuse, data breaches, and fraudulent activity.

These solutions take a more complete approach to identity security than traditional identity and access management (IAM), which controls user access to information systems and applications. With its broader scope, ITDR provides a more comprehensive strategy for detecting, responding to, and mitigating security threats related to user identity and access.

Identity is a high-value target for the modern cyberattacker, and finding ways to be effective in identifying threats and quickly reducing the risk they pose must be a priority in any organization’s cybersecurity strategy. ITDR has the potential to become a major component in addressing the risk posed by identity-based attacks. Failure to effectively protect identities can have a significant impact on any business, as breached credentials allow attackers to gain access to sensitive information and potentially gain control of key systems. Attackers will use this access to carry out attacks, which may include deploying malicious code or performing reconnaissance in order to more effectively engineer attempts to steal data, cash, or both.

While ITDR solutions are relatively new to the market, many of them build on already-comprehensive threat detection platforms, adding identity telemetry to sophisticated engines to deliver identity-focused responses. This should help to reduce adoption risk.

The sophistication and accuracy of identity threats, supported by tools such as generative AI, mean that businesses must find ways to tackle them effectively. While deployment will take time and will require organizations to rethink the way they manage identity, the benefit of more secure identities is significant. Those that do not make this effort run a high risk of identity compromise, with the potential for a significant breach and business disruption. Identity security should be a high priority within business security for all organizations.

This is our first year evaluating the ITDR space in the context of our Key Criteria and Radar reports. This GigaOm Radar report examines 10 of the top ITDR solutions in the market and compares offerings against the capabilities (table stakes, key features, and emerging features) and nonfunctional requirements (business criteria) outlined in the companion Key Criteria report. Together, these reports provide an overview of the category and its underlying technology, identify leading ITDR offerings, and help decision-makers evaluate these solutions so they can make a more informed investment decision.

GIGAOM KEY CRITERIA AND RADAR REPORTS

The GigaOm Key Criteria report provides a detailed decision framework for IT and executive leadership assessing enterprise technologies. Each report defines relevant functional and nonfunctional aspects of solutions in a sector. The Key Criteria report informs the GigaOm Radar report, which provides a forward-looking assessment of vendor solutions in the sector.