IDENTITY attacks no longer hinge on who a cyberattacker compromises, but on what that identity can access, with access fabric multiplying across apps and environments and increasing both operational complexity and risk exposure for security teams, according to Microsoft Security Blog.
The piece highlights fragmentation as a core problem, noting that 32% of organisations say their access management solutions are duplicative and 40% say they have too many different vendors, creating visibility blind spots that attackers can exploit.
At RSAC 2026, Microsoft announced innovations aimed at unifying identity infrastructure, access control, and threat response into a real-time platform, including a new identity security dashboard in Microsoft Defender and a unified identity risk score that aggregates more than 100 trillion signals. The blog also describes adaptive risk remediation, automatic attack disruption, and Security Copilot’s triage agent extended to identity to accelerate containment and reduce analyst fatigue.
It emphasises moving from fragmented tools to an integrated fabric that provides continuous risk evaluation and real-time access decisions across human, non-human, and agentic identities.