Delinea's StrongDM Acquisition Highlights the Changing Role of PAM

IDENTITY & ACCESS MANAGEMENT SECURITY ENDPOINT SECURITY REMOTE WORKFORCE СLOUD SECURITY News, news analysis, and commentary on the latest trends in cybersecurity technology. Delinea's StrongDM Acquisition Highlights the Changing Role of PAM StrongDM, which injects ephemeral, real-time credentials into developer workflows, will enable Delinea to offer privilege access management across cloud, SaaS, Kubernetes, and database environments. Jeffrey Schwartz,Contributing Writer March 12, 2026 4 Min Read SOURCE: ARTEMIS DIANA VIA ALAMY STOCK PHOTO As systems increasingly connect with nonhuman identities and artificial intelligence (AI) agents, Delinea has expanded the capabilities of its privilege access management (PAM) platform with the acquisition of rival StrongDM. The deal, announced in January for an undisclosed sum, closed on March 5. The addition of StrongDM's just-in-time (JIT) proxy-based access platform promises to extend Delinea's identity security capabilities beyond traditional vault-centric PAM. Delinea's Secret Server is currently designed as a vault that maintains permissions and enables users to check out static credentials.  StrongDM inserts ephemeral, real-time credentials through a developer-focused workflow, enabling Delinea to govern privileged actions across diverse environments without interrupting engineers' workflows. Its architecture provides a zero-trust, protocol-aware proxy designed to manage, secure, and audit access to databases, servers, Kubernetes clusters, and Web applications.  Related:SpecterOps Launches BloodHound Scentry to Accelerate the Practice of Identity Attack Path Management "The old PAM world was about giving IT admins access to a limited set of servers," says 451 Research principal analyst Garrett Bekker.  But with increased cloud deployment, users now need access to tools like Kubernetes clusters and other services. "The pool of users has expanded dramatically," Bekker explains. Loading... StrongDM's primary innovation is its ability to establish a proxy between users and target systems, including software-as-a-service platforms and databases, thereby enabling the addition of real-time credentials without interrupting modern developer workflows, Delinea CEO Art Gilliland tells Dark Reading.  "StrongDM created a workflow and an architecture that uses keystroke methods to be able to request passwords and get access to sensitive systems while meeting compliance requirements," he says.  Both a Unified Platform and Standalone Product With the proliferation of AI agents in enterprise systems and applications, Gilliland envisions Delinea, with the addition of StrongDM, governing these agents the same way it governs humans. StrongDM's architecture understands the agents' intentions and therefore grants minimal privileges only when they're needed, immediately preventing unapproved actions, Gilliand says. "We empower humans and machines to work how they want to, without friction," says StrongDM CEO Tim Prendergast, emphasizing that StrongDM aligns with developer-first, enterprise-grade security requirements.  Delinea appears to be positioning StrongDM as a core runtime authorization component within a single identity security platform, rather than keeping it as a standalone product. StrongDM's proxy/JIT model will be combined with Delinea's protocol/MCP proxy to manage AI agents at execution time, according to Gilliland.  Related:1Password Addresses Critical AI Browser Agent Security Gap However, Prendergast notes that StrongDM has always been "PAM-agnostic" for vaults, and customers will continue to be able to work with other vendors' PAMs, such as BeyondTrust and Okta. There is no plan of "if you don't buy Delinea, we're going to shut it off," he says, as StrongDM will "remain a fully featured product that can work and integrate with any PAM and vault on the market."  Based on current statements, future enhancements and features will likely be within the unified Delinea platform, and StrongDM will remain compatible with other ecosystems.  Founded over a decade ago, StrongDM is the latest PAM technology provider to be snapped up. CrowdStrike last month announced an agreement to purchase SGNL, which, like StrongDM, is known for its modern PAM offering, with both known for their real-time and zero-trust approaches to privileged access. Also last month, Palo Alto Networks closed on last year's $25 billion acquisition of CyberArk, the leading PAM platform provider.  While the CrowdStrike and Palo Alto Networks deals will boost the credentials management capabilities of their large security operations platforms, albeit in different ways, Delinea is adding complementary but necessary capabilities to its PAM offering. The company was formed with backing from TPG Capital after the 2021 merger of PAM providers Centrify and Thycotic.  Related:Identity Security 2026: Four Predictions & Recommendations Connecting Two Worlds  The StrongDM acquisition underscores the changing role of PAM, Gilliland says. Traditional PAM was built for IT administrators to check out passwords from vaults and log in to servers, but modern PAM must address more than that, Gilliland notes.  "Developers touch a hundred systems at once, and they want infrastructure‑as‑code workflows, not a break in their process to check out a secret," he says.  Prendergast, who will stay with Delinea in an unspecified role for the time being, says being acquired by Delinea aligns with how customers already use the respective platforms. Customers were already deploying Delinea's PAM and StrongDM's access platform side by side for entirely different audiences: IT on one side, developers and engineers on the other.  "We empower humans and machines to work how they want to," he says. "Delinea does that for IT teams; we do it for developers. Together, it becomes one access layer instead of two disconnected worlds."  Gilliland also emphasizes that modern AI systems expose intent metadata that could be used to enforce access parameters and prevent privilege creep. Ultimately, the combined platform will be able to evaluate what an AI agent is trying to do and restrict it to only those actions.  "If the agent deviates, we can stop it in real time," Gilliland says. "As enterprises begin deploying agents tied into seven, eight, ten different systems, real-time, intent-based access control becomes critical." 451 Research's Bekker says integrating IT‑admin workflows and developer-centric access models has been notoriously challenging. Because AI is evolving so quickly, he anticipates access‑control models may need constant reinvention. Consequently, he expects to see more M&A activity among identity and PAM technology providers.  "StrongDM is part of a broader trend of cloud‑native PAM vendors like Teleport and Britive," Bekker says. "I think a lot of them will end up getting acquired by traditional PAM vendors looking to expand what they can do." About the Author Jeffrey Schwartz Contributing Writer Jeffrey Schwartz is a journalist who has covered information security and all forms of business and enterprise IT, including client computing, data center and cloud infrastructure, and application development for more than 30 years. Jeff is a regular contributor to Channel Futures. Previously, he was editor-in-chief of Redmond magazine and contributed to its sister titles Redmond Channel Partner, Application Development Trends, and Virtualization Review. Earlier, he held editorial roles with CommunicationsWeek, InternetWeek, and VARBusiness. Jeff is based in the New York City suburb of Long Island. More Insights Industry Reports Frost Radar™: Non-human Identity Solutions 2026 CISO AI Risk Report The ROI of AI in Security Cybersecurity Forecast 2026 ThreatLabz 2025 Ransomware Report Access More Research Webinars Building a Robust SOC in a Post-AI World Retail Security: Protecting Customer Data and Payment Systems Rethinking SSE: When Unified SASE Delivers the Flexibility Enterprises Need Securing Remote and Hybrid Work Forecast: Beyond the VPN AI-Powered Threat Detection: Beyond Traditional Security Models More Webinars You May Also Like IDENTITY & ACCESS MANAGEMENT SECURITY Orgs Move to SSO, Passkeys to Solve Bad Password Habits by Nate Nelson, Contributing Writer NOV 13, 2025 IDENTITY & ACCESS MANAGEMENT SECURITY Philippines Power Election Security With Zero-Knowledge Proofs by Mercedes Cardona AUG 26, 2025 IDENTITY & ACCESS MANAGEMENT SECURITY NIST Digital Identity Guidelines Evolve With Threat Landscape by Arielle Waldman AUG 14, 2025 CYBERATTACKS & DATA BREACHES DeepSeek Breach Opens Floodgates to Dark Web by Emma Zaballos APR 22, 2025 Latest Articles in DR Technology CYBER RISK Why Post-Quantum Cryptography Can't Wait MAR 12, 2026 ENDPOINT SECURITY Cylake Offers AI-Native Security Without Relying on Cloud Services MAR 6, 2026 THREAT INTELLIGENCE Fig Security Emerges From Stealth to Fix Broken Security Operations MAR 5, 2026 CYBER RISK Speakeasies to Shadow AI: Banning AI Browsers Will Fail MAR 3, 2026 Read More DR Technology Want more Dark Reading stories in your Google search results?