Identity Governance & Administration
Radiant Logic Pursues Identity Governance With Brainwave BuyDeal Means Radiant Logic Can Dump Attestation-Based Audits for a More Rigorous Path
Radiant Logic has agreed to purchase Brainwave to move from an attestation-based identity governance model to one that more rigorously ensures the appropriateness of credentials.
The San Francisco-area identity data provider says France-based Brainwave GRC uses data and artificial intelligence to tell customers where in the organization user identities are most likely to be out of sync, says CEO Joe Sander. Credential issues often arise around newly hired or recently departed employees, as well as with personnel moving to a new position within the same organization, according to Sander.
"Customers are spending a lot of money on the traditional identity governance and administration products, and yet from a value perspective, it's not really lining up," Sander says. "This is one area inside the compliance side which was called out as something that we're very close to being able to provide to them if we just had this analytical engine and reporting capability on top."
Terms of the acquisition, which is expected to close in early April, weren't disclosed. Brainwave was established in 2010, employs 50 people and was co-founded and led by former Oracle, BT and Capgemini employee Cyril Gollain. All of Brainwave's employees are expected to join Radiant Logic, and Gollain will continue to lead the unit for at least six months until he moves into a role within Radiant Logic (see: The Connection: Risk, Identity Management and Zero Trust).
'I Want to Own an Emerging Slice of the Space'
Organizations historically satisfied the audit component of governance through attestation, meaning the company itself decides what's important and then attests to ensure things are working according to plan, according to Sander. Government audits are similarly conducted through attestation, meaning key stakeholders review a list of identities and attest they're all correct, Sander says.
"If I'm simply doing attestation-based audits, there's not a lot of value there," Sander says. "It's more like, 'I just gotta go do this and check a box,' but if I can look at that environment and derive value, that's a huge plus for our customers. We spend time with our customers and talk specifically about areas that we could invest in. And this area was a particularly large one that they wanted us to go spend time on."
Radiant Logic currently pushes data out to identity governance leaders SailPoint and Saviynt, and Sander says the company's push into IGA is meant to complement rather than replace market incumbents. He says Radiant Logic will focus narrowly on using analytics and data-driven decisions to improve governance, while leaving the broader identity administration market to the likes of SailPoint or Saviynt.
"I fully expect my customers to continue to utilize SailPoint or Saviynt or Ping or Okta. That isn't our objective," Sander says. "I want to own an emerging slice of the space. But I don't expect to own the whole space."
Brainwave will continue to be sold as a stand-alone product after its acquisition by Radiant Logic and will be more broadly integrated into the Radiant Logic technology stack during the second quarter of 2023. At a high level, Sander says, he intends to marry the data-driven capability of Radiant Logic and Brainwave's analytical engine to exponentially increase the value of identity governance technology.
The Glue Between Data and Identity Vendors
From a geographic perspective, Sander says, Brainwave will provide Radiant Logic with a presence and infrastructure in Europe, particularly France. On the flip side, he says, becoming part of Radiant Logic will give Brainwave go-to-market capabilities in the United States that it wouldn't have ever been able to build on its own due to the associated cost.
Both Radiant Logic and Brainwave primarily serve Global 1000 customers. Brainwave focuses heavily on the fintech market while Radiant Logic's customer base spans everything from retail, manufacturing and finance to insurance and the U.S. government. Over time, Sander hopes to develop tools that allow slightly smaller customers to obtain value from Radiant Logic.
As far as metrics are concerned, Sander expects to triple the size of the Radiant Logic business over the next 36 months while expanding the company's swim lane to create a meaningful identity business akin to the likes of ForgeRock or Saviynt. Specifically, Sander says, he hopes Radiant Logic will become a dominant vendor within the identity governance market.
"Radiant Logic is the glue that exists between data and the various parameters and identity vendors that CISOs will be interfacing with to create a zero trust initiative," Sander says.