SailPoint Bolsters SaaS Security with Savvy Acquisition

SailPoint Bolsters SaaS Security with Savvy Acquisition

Analyst(s): Krista Case
Publication Date: August 22, 2025

SailPoint has agreed to acquire key assets from Savvy Security as it launches its Accelerated Application Management offering. The move strengthens its ability to address SaaS proliferation with identity-led discovery, governance, and security capabilities.

What is Covered in this Article:

  • How the Savvy asset acquisition expands SailPoint’s capabilities in SaaS visibility, shadow IT governance, and application management.
  • The potential benefits for SailPoint in strengthening customer stickiness and competitive positioning.
  • The risks tied to integration complexity, product clarity, and market messaging could limit the impact of the acquisition.

The News: SailPoint announced the introduction of its new Accelerated Application Management module, accompanied by an agreement to acquire key assets from Savvy, a provider of identity-first SaaS security solutions. The announcement is designed to deepen visibility and control over the proliferating number of SaaS applications in use by any given enterprise.

SailPoint Bolsters SaaS Security with Savvy Acquisition

Analyst Take: With the average enterprise using hundreds of SaaS applications, their discovery, governance, and security at scale becomes a pressing vulnerability to be addressed as a priority. The potential for illicit access has never been greater, and enterprises are struggling with identity and access vulnerabilities related to rapid application proliferation and shadow IT exposure.

For its part, SailPoint is addressing this challenge by reinforcing its Identity Governance & Administration (IGA) and security capabilities in the SaaS domain while adding specialized tooling for SaaS app observability, governance, risk assessment, and real-time shadow IT detection through its planned Savvy Security acquisition.

Across the board, cybersecurity and IT teams require more than just visibility, as they are pressured to uncover and react to vulnerabilities as quickly as possible to optimize business continuity and mitigate the potential for data loss. They require the ability to identify the highest-risk vulnerabilities and automate remedial actions, so that they can be addressed swiftly as a priority. For this reason, Futurum views the ability to prioritize vulnerabilities based on risk and to automate workflows as key capabilities of the new SailPoint Accelerated Application Management offering.

If executed well, the integration of the Savvy Security assets can enhance stickiness as security practitioners increasingly prefer a platform-led approach. Clients gain visibility into shadow SaaS apps and governance control in one platform, as a result reducing vendor sprawl and potential blind spots while improving reactiveness. Cross-sell pathways may also be opened up, as customers consider adopting Accelerated Application Management to address key identity security vulnerabilities related to SaaS proliferation.

Potential upsides acknowledged, there are some risks to be mindful of. The planned deal is relatively lightweight in terms of its size, but potential integration hurdles still exist. Merging backend architectures (APIs, data models, telemetry), aligning product roadmaps, and packaging a compelling seller message will still not be an easy feat. Additionally, SailPoint just went public again in early 2025, raising over $1 billion and trading at a valuation north of $10 billion. The IPO provides funds but will result in investor milestones and pressure to innovate.

Customer interest in a more comprehensive identity security fabric, and the need to protect new applications, infrastructures, and identities, has spurred plenty of recent acquisition activity. For example, Okta acquired Auth0 in 2021 to make it easier for developers to embed identity security into their cloud native apps, and CyberArk acquired Venafi and Zilla security in 2024 to enhance its machine identity and IGA capabilities, and subsequently is slated to be acquired by Palo Alto Networks in a blockbuster planned $25 billion deal. Ultimately, SailPoint’s planned acquisition of Savvy Security assets underscores its strategy to evolve from a governance-first player into a broader identity security platform that can address SaaS-driven vulnerabilities at enterprise scale while competing head-on with rivals pursuing similarly aggressive expansion through acquisitions.

What to Watch:

  • Competitive response from players such as Okta, Ping Identity, and Microsoft, which may explore their own SaaS visibility or identity observability enhancements. If they move quickly, SailPoint’s differentiation could narrow; if not, it gains valuable breathing room.
  • Adoption and integration speed, focusing on customer reviews, pilot deployments, and roadmap alignment to gauge the ultimate success of the integrated SailPoint and Savvy SaaS identity governance offering.
  • Next asset acquisitions or partnerships, with the potential for additional bolt-ons (e.g., endpoint identity telemetry or AI-driven access analytics) that could broaden the value proposition if early gains materialize. Overextension, however, could create product sprawl and integration fatigue.

For more information, see SailPoint’s press release.

Disclosure: Futurum is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.

Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum as a whole.

Other Insights from Futurum:

Is SailPoint’s IPO a Sign of Renewed Tech Optimism or Market Caution?

Can Identity Security Vendors Keep Pace with Platformization and AI-Driven Threats?

Security Summer Camp: Black Hat 2025, Def Con, And Others

Author Information

Krista Case

Krista Case brings over 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.

Related Insights
Compliance as Code Is No Longer Optional: Why Manual Reviews Can’t Keep Up
July 4, 2026

Compliance as Code Is No Longer Optional: Why Manual Reviews Can’t Keep Up

Qodo's 'Compliance as Code' framework automates enterprise AI compliance through PR checks, solving the data privacy and security gaps that plague manual reviews at scale....
Brave's Browser Containers Raise the Bar for Privacy and Workflow Flexibility
July 3, 2026

Brave’s Browser Containers Raise the Bar for Privacy and Workflow Flexibility

As AI platform adoption accelerates to $181.3B projected market size, Brave's v1.92 release introduces native browser containers addressing data privacy concerns for 52.6% of enterprise decision makers managing multi-cloud AI...
The Hard(er) Challenge in Agent Governance Is Authorization
June 25, 2026

The Hard(er) Challenge in Agent Governance Is Authorization

Fernando Montenegro, VP at Futurum Group, argues that the launch of the Agent Control Standard does not close the agent governance gap, and that "shrinkage," not universal coverage, is the...
Can Cisco Widen Splunk’s Agentic SOC Capabilities With WideField
June 25, 2026

Can Cisco Widen Splunk’s Agentic SOC Capabilities With WideField?

Fernando Montenegro, VP at Futurum, examines Cisco's planned acquisition of WideField Security and how deeper identity and session intelligence could strengthen Agentic SOC capabilities as enterprises deploy more AI agents...
HPE Discover 2026: A Coherent AI Story That Now Has to Convert
June 24, 2026

HPE Discover 2026: A Coherent AI Story That Now Has to Convert

Fernando Montenegro and Tom Hollingsworth analyze HPE Discover 2026, where HPE built a networking-centered, full-stack AI story and now must convert that breadth into spending momentum and a security story...
Can Databricks’ Security Upgrades Finally Unify AI Innovation and Compliance at Scale?
June 19, 2026

Can Databricks’ Security Upgrades Finally Unify AI Innovation and Compliance at Scale?

Databricks announces Automatic Identity Management for Entra ID and Okta, removing compliance bottlenecks for regulated industries. New security enhancements enable zero-trust access across all major clouds....

Book a Demo

Welcome

The vision behind everything in Futurum’s Custom Research practice is this: research should show you what is happening, what comes next, and what to do about it. It should be personal to each audience, easy for people to grasp, and structured so LLMs can reason over it accurately. And it should be fast and turnkey; you want answers now, not another project to carry for quarters.

Whether you are defining business, channel, or go-to-market strategy; evaluating vendors or justifying ROI; or commissioning research to fill an emerging market need, we have your back, with a program that answers your questions with the objectivity and credibility to drive real decisions.

To do it, we bring unmatched data to bear: Futurum research, surveys, and market projections; validated market feeds; ETR’s 15 years of insight from 10,000 technology decision-makers; G2’s buyer and user data; and what our analysts hear every day. Add leading primary collection, from AI-moderated voice interviews to surveys and analyst-led interviews, all turnkey, and every project comes out credible, nuanced, and actionable.

And we don’t just drop the results in your lap. For internal work, we provide analyst-led sessions, interactive dashboards, and a range of formats. For market-facing work, Futurum delivers turnkey activation and amplification that actually gets seen, by people and by LLMs, through our media and share of voice. This is research that moves decisions and markets.

We will meet you wherever you are, from a fast-turn brief to a multi-year program, and shape the work to your goals, timeline, and budget. The right program for your moment.

If any of this is useful, I would love to talk.

Benjamin Brown, VP Custom Research, Futurum Research

Benjamin Brown

VP, Custom Research · The Futurum Group

Newsletter Sign-up Form

Get important insights straight to your inbox, receive first looks at eBooks, exclusive event invitations, custom content, and more. We promise not to spam you or sell your name to anyone. You can always unsubscribe at any time.

All fields are required






Thank you, we received your request, a member of our team will be in contact with you.