If you’ve been paying attention to the identity space lately, you may have noticed a buzzword increasingly tossed around: Identity Threat Detection and Response (ITDR). Predictably, almost every identity vendor, endpoint vendor, and several adjacent players are jumping on the bandwagon to claim they do “ITDR”.
Spoiler alert: most of them don’t.
ITDR is important—critically so. As identity attacks become the top vector for breaches, security teams need real-time visibility and response capabilities to address limitations with identity management systems that can’t detect fast growing attacks. But instead of building meaningful ITDR capabilities, vendors are slapping the term onto weak or even existing features—“hey, we detect anomalous logins, right?”—let’s claim that as ITDR and upsell customers for it. There are a growing number of examples of this in the market:
ITDR washing follows an unfortunately common pattern of vendor “washing” to stake claim to a faster growing category, but results in yet more market confusion and ultimately some customers left with fragmented, incomplete solutions.
Verosint was purpose-built ITDR architected around AI behavioral analytics, curated identity intelligence signalling including OSINT, and real-time automated response workflows. Only by detecting and responding to identity-based attacks in real-time can you prevent the near immediate downstream damage that often occurs. We also believe ITDR should be address threat to both workforce and customer identities in the same platform. It should also be able to work across multiple identity providers (IDPs) and any endpoint detection (EDR/XDR) systems because organizations with heterogeneous environments hate being forced to make rip-and-replace decisions or locking uncomfortably into a single vendor stack.
✅ Real-Time Correlation and Response – We aggregate, normalize, and act on identity threats in real time, not after the fact.
✅ IDP-Agnostic – Integrate with Okta, Azure AD, Ping, or anything else in your stack.
✅ Endpoint-Agnostic – Pull risk signals from any endpoint platform, not just one vendor’s.
✅ For all Identities – Implement fast with APIs calls that address both workforce and customer identity threats.
You may have heard this one before - “Identity is the new perimeter”. It’s actually true that identity-based attacks are now the most common security breach attack vector. It’s also true that marketing can be useful to educate the market and provide awareness of solutions to growing challenges.
However, vendor product marketing that willfully bends the definition of solution categories to fit existing capabilities that don’t address the root problem are less than helpful and can confuse and mislead customers. Focus on ITDR solutions that deliver what security teams actually need: unified visibility, advanced identity intelligence and correlation, AI behavioral analytics, and real-time response across the entirety of your identity and endpoint landscape.