The announcement that SailPoint intends to acquire Tel Aviv-based Entro reads like a clean fit on paper. SailPoint governs who and what has access. Entro discovers and monitors the credentials that machines and AI agents actually use to exercise that access. Put them together and you have a single platform that can answer both "who is this identity" and "what keys does it hold." That is the pitch, and it is not wrong. It is also not the whole story.

The gap this closes is the one SailPoint has been describing for itself

SailPoint CEO Mark McClain framed the deal as an extension of the Agentic Fabric platform the company launched earlier this year, calling it a way to give customers frictionless, complete visibility into every non-human identity and the credentials those identities use to reach corporate data. Entro CEO Itzik Alvas described his company's contribution as a discovery and lineage mapping engine built specifically for the volume of credentials and non-human identities that agentic workloads now generate.

The capability list SailPoint published is specific in a way most acquisition announcements are not. Entro brings agentless discovery across more than 1,000 non-human identity and agent types and more than 1,200 credential types, including secrets, keys, tokens, and certificates, spanning more than 70 sources that range from cloud environments and developer tools to CI/CD pipelines and collaboration platforms. SailPoint is also positioning Entro's lineage mapping as the connective tissue that ties a discovered non-human identity back to a human owner, which is the accountability step that most non-human identity tooling has struggled to deliver. And SailPoint is carrying over Entro's branded Non-Human Identity Detection and Response capability as a real-time monitoring layer for behavioral anomalies.

What "unified platform" has to mean here, specifically

The framing in SailPoint's announcement is that this strengthens its leadership across human, machine, and agent identity types from a single platform. That is the framing every identity vendor uses for every acquisition, and it is usually true at the marketing layer on day one. The harder question is whether an identity governance data model and a secrets discovery data model can actually merge into one risk graph, or whether they sit side by side with a shared login screen.

Secrets platforms and identity governance platforms answer different questions by design. Identity governance asks whether an entity should have access. Secrets management asks whether a credential is exposed, rotated, or being used the way it was issued. An AI agent that has the correct entitlement under SailPoint's model can still be operating with a leaked or stale credential under Entro's model, and today those are two separate alerts in two separate consoles. The acquisition only pays off if SailPoint can collapse that into one finding: this agent has the access it should have, and the key it is using to exercise that access is the key it was issued, current, and not sitting in a code repository somewhere.

That is a data integration problem before it is a product problem.

Entro's customers are about to become SailPoint's integration test

Entro built its product to plug into the secret stores and CI/CD pipelines that engineering teams actually use. That is a different buyer and a different deployment motion than SailPoint's traditional identity governance rollout, which tends to start in IT and security operations and move outward. Acquisitions like this often stall not on the technology but on which team owns the combined product roadmap, and whether the engineering-facing secrets tooling gets absorbed into an identity-first interface that DevOps teams were never asked to adopt in the first place.

SailPoint has handled platform consolidation before, most visibly in how it folded machine identity and agent identity capabilities into the Identity Security Cloud over the past year. The Entro acquisition extends that same pattern into a category, secrets, that has its own vendor ecosystem, its own buying center, and its own definition of what "discovered" and "remediated" mean. SailPoint has set an expected close in the third quarter of its 2027 fiscal year, which gives both companies a defined runway before integration work has to show results. The roadmap SailPoint publishes during that runway, and whether it keeps Entro's existing integrations intact while building toward it, will tell CIOs more about this deal's value than the press release does.