Term · 27. Emerging Categories 2024-2026

Drift Detection

IDM/IGA Domain

Identity Security CNCF Introduced by: KuppingerCole

Definition

Continuous monitoring of identity and access configurations to detect unauthorized deviations from approved baselines. Compares current state (entitlements, group memberships, role assignments) against intended state (provisioning policies, approved access requests). Detects backdoor access, orphan accounts, privilege creep, and direct-edit bypass of provisioning workflows.

Synonyms

Configuration drift monitoring

Application: Regulatory: CNCF — SPIFFE / SPIRE specs · KuppingerCole Leadership Compass

Standards & regulations

CNCF
KC

Related terms

AI Agent Identity

Identity assigned to an autonomous AI agent acting on behalf of a human or workflow. Distinct from human identities (wit …
Continuous Adaptive Trust

Authentication and authorization paradigm where trust is recomputed continuously throughout a session based on real-time …
Identity Control Plane

Centralised policy and orchestration layer governing identity decisions across heterogeneous IAM, IGA, PAM, and authoriz …
Identity Data Fabric

Architectural pattern that consolidates identity data from all enterprise sources (HR, IGA, IAM, PAM, AD, Entra, cloud, …
Identity Fabric

KuppingerCole-coined architectural concept (2019, mainstream 2023+) for an integrated identity platform that delivers al …
Identity Recovery (IR)

Ability to restore identities and access entitlements after a destructive event — ransomware, mass account compromise, m …

← Back to glossary · Open in main list