June 26, 2019
Zero Trust

Idaptive, The Home Run Machine

Archit Lohokare Chief Product Officer

“Yesterday’s home runs don’t win today’s games.” – Babe Ruth. 

Idaptive’s placement as one of the only two leaders in The Forrester Wave™: Identity-As-A-Service (IDaaS) For Enterprise, Q2 2019 report two weeks ago, less than six months after its launch as an independent security SaaS company, was an incredibly exciting and inspiring milestone. It made me introspect on our journey over the last few months after our spin-out from Centrify and truly ruminate over what market, or what “game” we’re competing in today and how this “game” will evolve tomorrow. And more importantly, as Idaptive continues to win in this market, what will constitute a “home run” in this game in the years to come. 

The game is Zero Trust, and this is the Zero Trust World Series…. 

That thought truly put things in perspective.  

The Idaptive platform’s promise is to deliver Next-Gen Access using a Zero Trust approach. The Zero Trust approach is based on the principle of “Never Trust, Always Verify”, and incorporates fine-grained contextual attributes to govern and enforce access to an application, data, network, and other critical assets that the user needs at the time. In essence, a system that implements a Zero Trust approach needs to be able to enforce strict multi-factor authentication and fine-grained authorization by continuously collecting and analyzing broad contextual information from all sources, such as attributes of the user, device, network, location, time and risk to let the user in. In terms of core capabilities, this translates into an integrated, API-first cloud service that delivers Single Sign-On (and Access Management), Identity Lifecycle Management, Mobile and Endpoint Management, and Machine Learning driven User Behavior Analytics in one single consolidated platform.

Idaptive, the home run machine… 

Idaptive is the only leader in the Forrester report that is rated the highest in precisely these capabilities – the capabilities that are absolutely necessary for truly implementing a Zero Trust approach. In other words, this report calls out several home runs Idaptive scored that demonstrate the company's superior Zero Trust offering. 

Home Run #1: Access Management and Identity Management Policy & Administration 

Idaptive scored the highest in its ability to author and manage fine-grained identity and access management policies for end users — a core requirement of a Zero Trust platform. The platform scored the highest in part due to its comprehensive role-based access control and contextual attribute-based access control framework. Additionally, the sheer array of fine-grained policies related to authentication and authorization for all types of apps, from all types of devices and for all types of users available in the Idaptive platform was instrumental in helping Idaptive showcase its stronger Zero Trust capabilities. 

Home Run #2: Mobile IDaaS Functionality 

The second area that Idaptive scored the highest in is Mobile IDaaS functionality. Most Zero Trust Identity platforms, including other leaders in the IDaaS report, claim to be able to leverage device context for access through “third party integrations”. But none of them, except Idaptive, can truly provide an integrated, built-in deep device context, without which Zero Trust remains a pipe dream. The Idaptive platform’s ability to leverage all types of contextual information and apply that information to access, especially deep mobile and device context achieved through its endpoint and mobility management platform, clearly stood out as a genuine advantage and a real differentiator in the report.

Home Run #3: Support for Connected On-prem Apps (VPN-less access to on-prem Apps) 

Idaptive is the only leader in this report that has, for the past few years now, enabled fine-grained access control and Single Sign-On to on-prem apps without a VPN or integration with a third-party proxy. Requiring end users to be granted access rights to the entire network through a VPN, regardless of the fact that they only need to access one app, violates the Zero Trust principle.

Let’s be honest – supporting SSO for cloud apps is easy and has become commoditized largely due to the adoption of standards like SAML, OIDC, and others. But in a multi-cloud, hybrid organization, a platform cannot truly claim to be “Zero Trust” if it cannot protect all types of applications, especially those on-prem in the company’s data center.   

Home Run #4: API Security and Solution APIs 

Idaptive’s engineering organization, since its inception, has incorporated the API-first mantra in its design paradigm, with every capability in the platform starting with an API. Any Zero Trust platform loses the “platform” bragging right if it cannot let its services be consumed by other applications, workloads, devices for authentication and authorization. And when it comes to API security and solution APIs, Idaptive has once again scored a home run in this report.  

Home Run #5: Reporting and Data Analytics 

The final, and probably one of the most impactful home runs for Idaptive in this report is the clear validation of our vastly superior analytics capabilities. Idaptive is the only leader that has its own integrated User Behavior Analytics sub-system that delivers comprehensive descriptive and predictive analytics to our customers – complete with a library of built-in reports and dashboards, a flexible widget-based dashboard designer, incident exploration and investigation, an incident response orchestration and automation designer, third-party threat data ingestion, and finally, a threat modelling engine that allows the building of custom threat and risk models.

Just Getting Started

All this said, I firmly believe that we, at Idaptive, are only just getting started in this game of Zero Trust. And the prospect of building on an incredible foundation we already have and innovating, while continuing to deliver on the promise of Zero Trust to our customers in the years to come, is a truly exciting and inspiring endeavor. 

Archit Lohokare

Chief Product Officer

Archit Lohokare is Chief Product Officer at Idaptive, where he is responsible for product strategy, driving innovation, and bringing new products and services to market. He transitioned over to Idaptive as it was spun out from Centrify, where—as Vice President of Product Management—he led the Identity-as-a-Service (IDaaS) and Unified Endpoint Management product portfolio. Prior to Centrify, Archit was Vice President of Products at Optymyze, where he led the product management team responsible for the company’s Sales Performance Management and Sales Platform-as-a-Service SaaS and PaaS solutions, securing a Leadership position in the first Gartner Magic Quadrant report on Sales Performance Management along the way.

Earlier in his career, Archit led Symantec's Cloud Information Protection Security-as-a-Service offering, and IBM's Access Management product line, comprised of Web Access Management, Identity Federation, Enterprise Single Sign-On, and Risk-based Access and Entitlements Management products. Archit joined IBM through the acquisition of Encentuate, a leading Bay Area start-up in the security software space; as an early employee, he had the opportunity to contribute to its successful exit. 

Archit has an MBA from UC Berkeley-Haas School of Business, and a bachelor’s degree in Computer Engineering from NTU, Singapore, where he was awarded the SIA-NOL undergraduate scholarship by the Ministry of Education, Singapore.

Archit is an avid history buff, enjoys reading in his spare time and running breathlessly after his one-year-old, hyperactive son.


If Archit could have any Chameleon-like superpower, it would be the ability to change colors quickly and adapt. “Actually, it would be like the ability of our IAM solutions to adapt instantaneously to a customer’s environment and user behavior. Anomalous user access? A snap! Presto, change-o – like a chameleon from green to red in an instant, adapt to the change in user behavior and request user to assure their identities using multi-factor authentication...”