At Delinea, we embrace a collaborative design philosophy, co-creating innovative products with our valued customers. This partnership ensures that our innovations are both groundbreaking and grounded in real-world needs.
Leading the incubation team at Delinea, I strongly foster a startup mentality. Before reaching the Minimum Viable Product (MVP) stage, we develop a working thesis, concept, and prototype. This dynamic process involves numerous iterations, enriched by the feedback from our design customers. It's a creative journey where unexpected discoveries can lead to exciting breakthroughs.
...the transformative impact of AI in the next five years is often underestimated
This collaboration is especially vital in our work with Artificial Intelligence (AI). Amidst the excitement surrounding AI, it's crucial to maintain a balanced perspective. While some may overestimate short-term advancements, I am sure that the transformative impact of AI in the next five years is often underestimated. AI is set to become an integral part of our daily lives.
Every interaction we have with Delinea customers highlights their struggle to integrate AI into their IT and security operations in meaningful ways. AI isn't a magical solution; it requires a thoughtful, pragmatic approach. At Delinea, we believe in taking measured and safe steps today to accelerate progress tomorrow.
Below, I've shared some of the most frequently asked questions from our customers, along with the insights I provide. I hope these will be valuable as you develop your own AI roadmap and explore how Delinea and AI-driven identity security can help you achieve your objectives.
Q1. Why would you want to use AI to make authorization decisions?
Let’s say you’re requesting access to a privilege, and your co-worker or boss needs to approve. You could have 40 requests flying around every day in the company. At some point, it becomes muscle memory to just say “approve.” You're not even looking at the request anymore.
This is where an AI can help do a careful, consistent, policy-based inspection of the request. It can ask, “Hey, is this Bob? What’s his current risk score? Does his request match the secret or does the privilege he’s requesting have too much scope? Is it in conflict with our Segregation of Duties policies?” It’s almost like a human problem, because AI can act very human-like.
Q2. How can AI help with identity threat detection?
AI can detect patterns that are often difficult and time-consuming for humans to recognize, much less triage and chase down the various alerts. AI can help you inventory and continually discover identities, identify and fix misconfigurations such as disabled MFA, over-entitled identities, and stale accounts, detect anomalous identity behavior compared to baseline activities, and even respond to identity threats with automated actions and insights.
Q3. How are you testing and refining Delinea AI to ensure reliability?
We have gone through numerous iterations to create a solution that is firmly rooted in curated knowledge. When we began developing Delinea Expert, we quickly achieved 50% reliability. However, reaching 80% required significant effort, and even then, we felt it wasn't sufficient. To improve further, we implemented a closed-loop feedback system, allowing users to report issues, add documentation, and refine the results. Through continuous updates to the model, we have successfully increased reliability from 80% to 95%.
Additionally, we have integrated a patent-pending self-check mechanisms into the model to assess the AI's confidence in its answers. If the AI is uncertain, it offers recommendations rather than providing a definitive answer.
Q4. How does Delinea ensure the ethical use of AI in its products?
At Delinea, we prioritize ethical AI use by adhering to strict guidelines and continuously monitoring AI systems for bias and fairness. We work closely with our customers to ensure transparency and build trust in AI-driven solutions.
Q5. For those starting with AI for identity security, what’s the first AI solution you would recommend adopting?
It's important to focus not solely on AI itself but on adopting a comprehensive Identity Security platform, such as Delinea's. We integrate AI capabilities in a way that aligns with your organization's maturity level and risk tolerance for AI. This approach allows you to benefit from AI effectively within a robust and safe framework.
Q6. Can you trust an AI? Can it be corrupted or manipulated?
Fair question. Before AI, we asked this question about code. But it was less of a problem because you had code that was designed for one thing only. You could inspect the code and ensure it was doing the right thing. But if an AI’s LLM has 30 billion plus parameters, you can never check everything that's in there.
Maybe there's something dormant in there that could be triggered by a foreign entity to go rogue. You need to have controls around that. That means carefully controlling access to your AI agents and models to avoid AI poisoning or any kind of malfeasance.
Q7. What’s the best way to protect your AI agents from attack?
You can think of AI agents as a machine or non-human identity (NHI). Therefore, make sure you have a complete inventory of all AI agents operating across your organization, and associate each with a human owner and the processes or applications they are tied to. Just like any NHI or machine identity, carefully control any secrets that unlock your AI agents in an enterprise-level vault, rotate the secrets regularly, audit them, and make sure they expire when no longer needed.
Q8. What can you share about the Delinea AI roadmap?
We are very excited about our AI roadmap. It includes embedding core AI features like Delinea Expert+ to enhance decision-making and streamline operations. We are developing AI solutions such as Session Anomaly Detection and Automated Approvals to proactively identify threats and expedite privileged access, making identity security more intuitive and resilient.
Additionally, we will focus on discovering and governing AI models through robust frameworks that ensure transparency and accountability, helping our customers with transparency in the sanctioned use of AI technologies.
