One Identity Manager 10.0: Elevating Enterprise Identity Security with Risk-Based Governance

Modern enterprise environments face an increasingly complex threat landscape. As organizations expand their digital footprint, managing and securing identities becomes paramount. Robust Identity Governance and Administration (IGA) solutions are no longer optional; they are a critical security control. Against this backdrop, One Identity, a leading name in identity security, announced a significant upgrade to its flagship IGA solution: One Identity Manager 10.0.

This major upgrade, unveiled on January 20th, 2026, reinforces identity governance as a foundational element for enterprise security. It introduces a suite of security-driven capabilities designed to address the sophisticated challenges of today and tomorrow. For IT professionals, security analysts, and developers tasked with safeguarding organizational assets, this evolution in identity management is a crucial development.

Strengthening Identity Governance as a Critical Control

Identity governance serves as the backbone of a secure access strategy. It ensures that the right individuals have the right access to the right resources at the right time, and that those permissions are regularly reviewed and enforced. One Identity Manager 10.0’s enhancements underscore this principle, moving beyond basic provisioning to incorporate advanced security features.

Introducing Security-Driven Capabilities

The core of the One Identity Manager 10.0 upgrade lies in its introduction of what One Identity terms “security-driven capabilities.” While specific details beyond the initial announcement are anticipated, the emphasis on this phrase points to a strategic shift. Traditional IGA focused heavily on compliance and operational efficiency. The 10.0 release signals a stronger integration of proactive security measures directly into the governance framework.

Key areas highlighted include:

• Risk-Based Governance: This capability is pivotal. Instead of treating all access decisions uniformly, risk-based governance prioritizes actions and reviews based on the potential impact of an identity or access privilege being compromised. This means more stringent controls for high-risk access and more efficient management for lower-risk scenarios.
• Identity Threat Detection: Integrating threat detection directly into an IGA solution is a powerful move. This suggests One Identity Manager 10.0 will likely incorporate mechanisms to identify anomalous behavior related to identity usage, potentially flagging suspicious login attempts, unauthorized access patterns, or privilege escalation attempts in real-time.

The Evolution of IGA: Beyond Compliance

For years, IGA solutions have been essential for meeting regulatory compliance mandates such as GDPR, HIPAA, and SOX. While compliance remains a vital component, the threat landscape demands a more proactive and security-centric approach. One Identity Manager 10.0 positions itself at the forefront of this evolution, transforming IGA from a purely administrative function into an active defense mechanism.

By embedding risk assessment and threat detection directly within the identity governance workflow, organizations can achieve a more holistic security posture. This not only streamlines compliance efforts but also significantly reduces the window of opportunity for attackers exploiting compromised identities.

What This Means for Enterprises

The upgrade to One Identity Manager 10.0 offers several tangible benefits for enterprises:

• Enhanced Security Posture: Proactive identification and mitigation of identity-related risks.
• Improved Compliance: Easier demonstration of control over access rights, aiding in audit readiness.
• Operational Efficiency: Streamlined access reviews and certifications through risk prioritization.
• Reduced Attack Surface: Tighter control over privileged access and early detection of suspicious activity.

Looking Ahead: The Future of Identity Security

One Identity Manager 10.0’s focus on security-driven capabilities represents a significant step forward in enterprise identity security. As identity becomes the new perimeter, solutions that can intelligently govern, detect, and respond to identity-based threats will be indispensable. Organizations should evaluate how these enhanced features can integrate into their existing security strategies to build a more resilient and secure digital environment.