Skip to content
Services
Support
Contact
Blog
     
    Delinea Blog > Platform truths: What others stitch, we build

    Platform truths: What others stitch, we build

    Robert Sawyer
    Written by
      
    Platform Truths: What Others Stitch, We Build
    7:52


    We had a chance to sit down with our own Chief Product Officer, Phil Calvin, to get a better understanding of what ‘platformization’ really means, how cloud-native architecture is a real differentiator, and how practical AI is transforming identity security.

    Here’s our conversation, packed with insights and valuable lessons.

    Q: What does "platform" mean for modern identity security, and how does it matter to security buyers?

    Phil: For me, a true platform isn’t a collection of products stitched together; it’s a foundation that solves real problems in a unified way. Customers don’t care about how many teams are building various features. They care that everything works together in a seamless, logical way.

    A platform should evolve with the industry, allow for rapid innovation, and give users a cohesive experience across use cases.

    At Delinea, we’ve built the platform to share the same components, whether it’s vaulting, analytics, or remote access, so users don’t feel like they’re jumping between disconnected tools. We often say, ‘don’t ship the org chart.’ And we live by that.

    Q: What distinguishes cloud-native platforms from legacy or “cloud-based” solutions or even a lift and shift solution?

    Phil: This is one that gets glossed over too often. A cloud-native platform is born in the cloud. It runs automated pipelines, enables independent teams to ship continuously and scale effortlessly across regions. At Delinea, we have over 40 engineering teams delivering to production independently. That agility is key.

    For example, a few months ago, there was a severe ingress vulnerability on Kubernetes. Our platform wasn’t exposed, but our cloud team wanted to patch it anyway.

    The announcement of that vulnerability was disclosed publicly on a Tuesday night. The next morning, we deployed—over the course of an hour—an upgrade to 28 clusters worldwide. Not a single customer noticed, and there was no downtime or impact on production or scalability. That’s the power of cloud-native, and where you get the advantage over a cloud-based solution or a lift-and-shift model.

    Q: What makes Delinea's platform different from CyberArk and others in the market?

    Phil: A few years ago, we looked at where the industry was heading and realized that patching together legacy systems wasn’t going to cut it. We had started down that path and quickly made a difficult decision to step back and start from scratch. We paused and focused on investing in a truly composable, cloud-native foundation. This was a big moment for us.

    Neither CyberArk nor BeyondTrust can currently claim that.

    It wasn’t easy, and for a time, we had 40 or 50% of our engineering team focused on building the new modern platform. But that investment paid off. Now, we have this amazing engine that runs continuously, and we can continue to add things to it without disruption.

    Last year, we bought two amazing companies, Authomize out of Tel Aviv and Fastpath out of Iowa. Because we built this incredible cloud-native foundation, we could integrate both into our platform. They’re not just bolted on with some duct tape, they are part of the platform.

    Q: What does the Palo Alto + CyberArk news mean for the industry and Delinea?

    Phil: It’s a huge validation of what Delinea is doing. The shift from infrastructure-focused to identity-focused security is real. CyberArk helped invent the Privileged Access Management (PAM) space, no question. But their approach is still largely cloud-based, not cloud-native. That’s an important distinction. Delinea is on the leading edge of the next generation of PAM.

    Now, CyberArk is part of a massive integration project with Palo Alto. I don’t know CyberArk's technology firsthand, but I know it generationally, and bringing together two giant organizations is going to be a challenge. Merging legacy stacks is tough. It creates delays, misalignment, and distraction. Meanwhile, Delinea is operating on a unified platform, shipping fast, and focused on the next decade of identity security. That’s a major differentiator.

    Q: What’s Delinea’s strategy for AI in the platform?

    Phil: We’re pragmatic technologists at heart. The thing about our platform is that, because of the nature of the modern cloud native architecture, we can build new services for AI into the core of the platform. They use the core shared services in the platform, like session recording, secrets access, and the fundamental storage and audit systems. This use of the fundamental systems made bringing in AI capabilities pretty straightforward.

    The second part of that is that we recently launched Delinea Iris AI. Whether it’s a human or machine identity doing something, you must have permissions to get access and authorization to do what they are asking you to do. Delinea does this really well.

    instead of reviewing 10,000 hours of sessions, I can see the exact line and minute where a user went rogue

    We launched Delinea Iris AI with a couple of things out of the gate.

    First, AI-enhanced auditing enables us to look at sessions to surface anomalies. So instead of having to review 10,000 hours of sessions, I can be pointed to the exact line and minute where a user went rogue.

    Second, AI-based authorization is an agent that runs in our platform that the customer can configure to actually do the authorization, justifying whether they have the right ticket, the right location, or if their risk file is appropriate, and recommend approval, or not, in real-time.

    These are both strong pragmatic uses of AI within the system, but this is just the beginning. Our platform enables experimentation with proprietary LLMs, which is particularly important for customers with data residency or compliance requirements. We’re also helping customers secure their own use of AI by managing access and permissions for AI agents.

    Q: What advice do you have for CISOs or buyers choosing identity security vendors?

    Phil: First, let me say I am biased, obviously. But the first thing is to make sure it runs forever. Reliability is everything. Ask about maintenance windows and how updates are delivered. Then ask how fast they can respond to threats and how easily they can evolve. You don’t want to make critical IT and security decisions every year. You want to work with vendors that are focused on building for the long term and even into areas they don’t know exist yet.

    Remember you’re not just buying a tool; you’re choosing a long-term partner. Make sure you partner with one that delivers value immediately and consistently, scales and adapts over time, and doesn’t require annual migrations or retraining. At Delinea, we’ve engineered the platform for the future, and we’re ready for it.

    Q: What’s next for Delinea?

    Phil: Threats are getting faster, and they’re embracing AI too. The only way to keep up is to innovate continuously, and that’s what our platform enables.

    We’re looking at things like proprietary LLMs and expanding capabilities of MCPs but the key here is our ability to keep pace. Our platform allows us to do that. We can innovate and address situations out in the world faster than others. And that’s because of our investment in the platform. Some of our competitors will have a bit of a harder time making changes and really keeping up with it, especially if they’re thinking of a large-scale integration.

    Final takeaways

    The future of identity security is speed, composable, and built to last. With a cloud-native platform already available today and pragmatic, practical AI already in production, Delinea is proving that it’s not just ready for what’s next, it’s already delivering it.

    Watch the full interview:

     
    , ,