Ping Identity Expands Into Privileged Access With Just-in-Time Controls

Ping Identity is widening its reach in enterprise identity security with the launch of new privileged access capabilities, aiming to give organizations unified control across the full spectrum of identity management. The update, unveiled today, integrates Privileged Access Management (PAM) into Ping’s platform alongside its existing Access Management (AM) and Identity Governance and Administration (IGA) features.

Breaking Away From Vault-Centric PAM

For years, PAM has been dominated by vault-based systems that store and rotate administrator credentials. Ping is betting that model is too slow for the pace of multi-cloud adoption.

“As enterprises embrace multi-cloud strategies, the scale and complexity of cloud permissions are expanding faster than ever. Traditional, vault-based PAM solutions can't keep up with today's dynamic business needs,” said Peter Barker, Chief Product Officer at Ping Identity.

Instead, Ping is offering just-in-time (JIT) privileged access, where users can request temporary, time-bound rights to critical resources. This approach aligns with zero trust principles by limiting standing privileges and reducing the risk of stolen credentials being abused.

Key Features: Passwordless, Auditable, and Hybrid-Ready

The new PAM suite emphasizes several security priorities:

• JIT Privileged Access: Controlled access to cloud platforms such as AWS, Azure, and Google Cloud, as well as on-premises systems like servers, databases, and Kubernetes clusters.

• Passwordless Authentication: Privileged sessions secured without static credentials, eliminating risks tied to exposed SSH keys or RDP passwords.

• Compliance Alignment: Built-in audit logs and session recordings designed to meet standards including SOX, SOC 2, HIPAA, and PCI DSS.

• Hybrid Infrastructure Support: Fine-grained entitlements across cloud and containerized environments with real-time, context-aware authorization.
  

At the device level, the system uses Trusted Platform Modules (TPMs) to harden privileged sessions, supporting both agentless and agent-based deployments.

A Platform Play

Ping’s move signals a push toward offering a single pane of glass for identity security. “With the addition of PAM capabilities, we're empowering organizations to adopt just-in-time privileged access and solve a broader set of identity and security challenges – all within a unified platform,” Barker added.

Andre Durand, Ping’s CEO and founder, positioned the launch as a response to broader forces reshaping cybersecurity. “We're at a critical inflection point, where AI is reshaping the landscape and eroding trust,” Durand said. “Ping is now uniquely positioned to equip organizations with next-generation privileged access capabilities—protecting access to cloud infrastructure and securing the full spectrum of identities from a single, trusted platform.”

Powered by Procyon

The privileged access functionality arrives through PingOne Privilege, a product bolstered by Ping’s acquisition of Procyon earlier this year. Founded in 2021, Procyon built a cloud-native platform focused on seamless, DevOps-friendly PAM that minimized deployment friction. Its founders — Sukhesh Halemane, Suman Sharma, and Mahantesh Pattanshetti — envisioned a system that balanced high-assurance security with developer productivity, a theme Ping is now extending to large enterprises.

Market Implications

The expansion underscores a broader convergence trend in identity and access security. Instead of separate vendors for AM, IGA, and PAM, Ping is betting that customers will prefer a unified platform with end-to-end visibility. With cloud complexity continuing to multiply, the timing may be on its side.