Delinea and StrongDM to improve identity security for Agentic AI era

Delinea has agreed to acquire StrongDM, in a deal that links privileged access management with just-in-time runtime authorisation as organisations expand the number of machine and AI identities inside their systems.

The companies said the combined platform will cover administrators, developers, non-human identities and AI agents. It will apply access policies across on-premise and cloud environments.

Delinea sells privileged access management software. StrongDM sells access management tools that focus on modern engineering and DevOps teams, including environments that use automation and AI-driven workflows.

The buyer said it has signed a definitive agreement and expects the transaction to close in Q1 2026, subject to customary closing conditions and regulatory review. The companies did not disclose financial terms.

Access controls

The acquisition centres on how enterprises handle privileged access when identities are short-lived and frequently created by automated systems. Security teams have faced a growing workload from non-human identities, including service accounts, bots and machine identities used by software.

The companies described StrongDM’s technology as just-in-time runtime authorisation. They said it will extend the Delinea platform and create a single layer for policy, governance and audit.

Delinea said the combined system will enforce least privilege at the moment an action takes place. It said the approach will support both ephemeral access and credential-based access models.

The companies also positioned the deal around a shift to zero standing privilege. That model reduces long-lived permissions and persistent credentials. It can also affect how organisations manage access for developers and automated processes across infrastructure, databases and production systems.

AI and NHIs

AI agent use inside enterprises has become a new focus for identity and access management products. Companies now treat machine identities and autonomous agents as privileged actors inside workflows that can touch production data and business systems.

Stephen Davis, CISO at Hubbell Incorporated, linked the acquisition to the security of AI agents.

“As we move forward scaling agentic AI, choosing the right partner to secure AI agents from day one is critical,” said Stephen Davis, CISO at Hubbell Incorporated. “Bringing together Delinea and StrongDM will give us a unified way to monitor, authorise, and govern privileged access for IT teams, developers, and AI agents across on-prem and cloud environments – all in a single platform.”

Product direction

Delinea said StrongDM’s runtime authorisation will be combined with the Delinea platform. Delinea also said its platform is “powered by Iris AI”. The company did not detail how that element will be used inside the combined product.

The companies described a move away from older session-based privileged access management approaches. They said runtime authorisation provides continuous evaluation and response for privileged activity across human and non-human identities.

They also set out product outcomes they expect from the combined platform. Those included developer access to cloud infrastructure, databases and containers. They also included reduced exposure to credential theft, phishing and software supply chain attacks through fewer persistent credentials.

Another element covered governance of AI agents and machine identities, with unified visibility, auditability and continuous policy enforcement for privileged actions. The companies also described a single control plane for privileged access policy, authorisation and audit across on-prem, cloud and SaaS environments.

“Stolen or lost credentials remain the number one cause of breaches, which makes identity the core control layer for modern security,” said Art Gilliland, CEO at Delinea.

Gilliland also described the deal as part of Delinea’s shift towards ephemeral access models.

“This acquisition will accelerate our evolution toward modern, ephemeral access models typical of cloud and AI-centric environments, empowering organisations to secure NHIs with the same rigor applied to human access. We’re giving organisations the freedom to move faster without compromising security or control,” said Gilliland.

StrongDM said it sees older access models as a poor fit for environments where infrastructure changes constantly and identity creation scales rapidly.

“Access models designed for static infrastructure and human users simply don’t work in continuous cloud and AI-driven environments,” said Tim Prendergast, CEO at StrongDM. “By joining Delinea, we will deliver runtime authorisation at enterprise scale, securing every privileged action through policy-based enforcement that stays invisible to developers and operators. This is identity security built for how modern enterprises actually run,” said Prendergast.

Deal mechanics

Piper Sandler acted as financial advisor to Delinea. The companies said they expect to complete the acquisition in Q1 2026.