Guest article: SGNL
A look into the decision-making process that led one of the world’s top automotive manufacturers to select SGNL to replace its legacy PAM solution and build a foundation for Continuous Identity.
Overview
Zero visibility into real-time context. For a Fortune 50 automotive manufacturer operating across AWS, Azure, and GCP, their legacy PAM solution had become a roadblock to their zero trust vision—and a growing security risk.
The company initiated a search for a modern privileged access solution to advance its zero trust security program and reduce risk across its multi-cloud infrastructure. Their existing tool created significant operational friction with its slow, manual approval workflows and an inability to verify business context and security posture in real time. After a competitive evaluation, the company chose SGNL for its unique identity data fabric, contextual policy engine, and identity events orchestration capabilities. SGNL was able to successfully demonstrate the policy-driven, automated access processes needed to secure their business for the future.
The challenge of choosing a truly modern privileged access solution
The company’s driving force was risk reduction. Their security vision was centered on Continuous Identity and achieving Zero Standing Privilege, but their existing solution was a significant roadblock. The entire end-to-end user journey for privileged access required human requests and human approvals, taking anywhere from minutes to hours for each one. Crucially, while a change request was required for privileged access, it was up to the approver to manually verify if the ticket was valid and assigned to the user. Their zero trust requirements also required a real-time check of the user’s security posture, which was absent from the existing process.
The stakes were high. Every delayed access request slowed incident response, every manual approval introduced human error, and every standing privilege expanded their attack surface. Their security team knew they needed a fundamental shift—from reactive access management to proactive, context-aware orchestration.
The team evaluated several alternatives, including traditional Privileged Access Management (PAM) solutions. However, they found these tools were too focused on on-premises infrastructure. They lacked a true identity data fabric that could ingest the rich business context and real-time security signals necessary to make intelligent, automated access decisions for their cloud-first environment. The company needed a solution that could provide Continuous Identity protection across AWS, Azure, and GCP, using Microsoft Entra ID as their central SSO provider.
What the customer needed to see delivered
Automated, policy-driven access: A complete replacement for the slow, manual request/approval workflows in Azure PIM.
Real-time contextual enforcement: The ability to programmatically verify signals from ServiceNow, PagerDuty, and CrowdStrike before granting access.
Cloud-native architecture: A solution built for their multi-cloud footprint across AWS, Azure, and GCP, not legacy on-prem systems.
Rich data integration: An identity data fabric capable of connecting to a wide array of systems and signals, including Entra ID, CrowdStrike, ServiceNow, Proofpoint, and standards-based Shared Signals.
The power of the Identity Data Fabric led to a successful POV
The company’s search led them to SGNL, whose approach was fundamentally different from the other vendors they considered. SGNL’s Identity Data Fabric was the breakthrough. Unlike legacy PAM tools that operate in isolation, SGNL could ingest and correlate context from across their entire stack—ServiceNow tickets, CrowdStrike risk scores, Entra ID attributes, and SailPoint governance data—making each a useful factor in real-time access decisions.
This meant moving from ‘Does this user have permission?’ to ‘Should this user have access right now based on everything we know?’ This would allow them to move from a slow, unverifiable process to one that was automated, intelligent, and nearly instantaneous.
To validate this approach, the company engaged in a three-week proof of value (POV) designed to prove SGNL could meet all their core use cases.
During the POV, SGNL demonstrated its ability to:
Integrate seamlessly with their entire identity and security ecosystem, including Entra ID, CrowdStrike, Salesforce, JIRA, ServiceNow, and SailPoint.
Build policies that evaluate real-time context, such as verifying an open ServiceNow ticket and a low CrowdStrike risk score, before granting access.
Orchestrate session-bound privileged access to their multi-cloud infrastructure in AWS and Azure.
Provide clear visibility into access decisions with real-time notifications to users and security teams in Slack.
The POV proved to be successful, and SGNL was chosen as the clear winner at its conclusion. The company’s identity and security teams had found the partner and the technology that could deliver on their vision for policy-driven access and Continuous Identity at scale.
The results were immediate.
Access request time dropped from minutes or hours, to seconds: Policies automatically verified ServiceNow tickets and CrowdStrike scores without human intervention.
Manual approval workflows eliminated: Context-driven policies replaced the need for approvers to manually verify tickets.
Real-time visibility achieved: Security teams received instant Slack notifications for all access decisions, creating an audit trail that was previously impossible.
Critical systems for the POV
Integration architecture
SGNL integrates with the company’s identity providers to deliver session-level authorization for privileged access to AWS.
Contextual access policy
SGNL’s contextual policy engine ensures engineers can only access cloud infrastructure when assigned a change request, and are working from a compliant device.
Expanding to enterprise-wide Continuous Identity
With the decision to purchase SGNL, the company is moving forward with a clear, strategic vision for their zero trust identity program. The initial implementation will focus on replacing their management of privileged access to cloud infrastructure, with the immediate goals of reducing risk and accelerating identity operations. The expected cost savings from retiring manual access requests and approvals in both PAM and IGA workflows significantly influenced the business case.
For this customer, SGNL represents more than a PAM replacement—it’s the foundation for their Continuous Identity architecture, where access decisions adapt as fast as their business and threat landscape change.
The case of a Fortune 50 automotive leader choosing SGNL to replace legacy Privileged Access Management (PAM) is a prime illustration of the enterprise shift toward Continuous Identity and advanced Zero Trust. This real-world transition is central to the Modern Identity Management sessions at Identity Week Europe, and the sessions focusing on Cloud-Based Identity and accelerating security operations. Experts from Vodafone, Evri, IKEA, Metro Bank, Elexon, Ahold Delhaize, and more will focus on the successful implementation of an Identity Data Fabric to automate access decisions using real-time contextual signals.
