RSA announced new Identity Security Posture Management (ISPM) and enhancements to the industry's only complete, enterprise-grade passwordless identity platform at Infosecurity Europe 2025. These innovations will help enterprises proactively find and resolve security risks across hybrid and cloud environments and simplify users' log-in processes with advanced, phishing-resistant security capabilities.

RSA Announces New RSA Governance & Lifecycle ISPM Capabilities

Built into the RSA^® Governance & Lifecycle identity governance and administration (IGA) solution, the new ISPM features from RSA address critical cybersecurity risks that result from cloud computing, remote work, and the growth of human and non-human identities.

Increasingly complex IT environments have made it impossible for organisations to gain a comprehensive understanding of their identity posture using traditional approaches to identity and access management, leaving them vulnerable to attacks, fines, and other risks. To adapt to this evolving threat landscape, organisations are turning to ISPM, a new cybersecurity framework that complements traditional IGA functions by stressing comprehensive visibility, continuous risk assessment, and automated remediation of identity-related vulnerabilities.

Combined with leading RSA Governance & Lifecycle IGA capabilities, RSA ISPM innovations help organisations proactively reduce their identity attack surface. The new AI-powered dashboards provide organisations with comprehensive visibility into their identity ecosystem; deliver proactive insights on policy violations, excessive entitlements, orphaned accounts, and other critical risks; and deliver clear, actionable insights and recommendations for admins, business leaders, and executives. The new RSA Governance & Lifecycle ISPM capabilities will be generally available in Q3 2025.

"Reactive identity security capabilities simply aren't sufficient for today's threats, which demand solutions that can proactively find, prioritize, and resolve identity risks," said RSA CEO Rohit Ghai. "Government departments, banks, healthcare, energy, and other security-first organisations need a unified identity platform-including strong access security, enterprise-grade passwordless authentication, governance, and lifecycle workflows operating in an ISPM framework-to stop cyberattacks, stay compliant, and accelerate productivity."

"For identity teams overwhelmed by data, the new AI-powered dashboards from RSA provide the proactive information they need to prioritize actions and enhance their security," said RSA Chief Product and Technology Officer Jim Taylor. "With more threats, higher compliance expectations, and shrinking cybersecurity budgets, the new RSA Governance & Lifecycle ISPM capabilities can help organisations do more-and more effectively-with less."

"RSA Governance & Lifecycle provides organizations with the tools, visibility, and insights they need to mature their cybersecurity posture, proactively resolve risks, and fulfill audit requirements," said Alaa Abdulnabi, RSA SVP and General Manager, International. "These innovations ensure that high-security organizations can stay ahead of cybersecurity threats and operational challenges."

The new RSA Governance & Lifecycle ISPM capabilities announced at Infosec Europe 2025 offer key benefits for enterprises, including:

• Unparalleled visibility: Advanced dashboards offer a comprehensive view of identity risk across your entire environment, enabling organisations to take proactive measures to secure resources, reduce their attack surface, and prevent breaches before they happen.
• Actionable insights for everyone: Dashboards visualize complex data for admins, business leaders, and executives to coordinate and prioritize action.
• Easier, continuous compliance: New RSA Governance & Lifecycle ISPM capabilities make it easy to surface the evidence auditors need, highlight areas that require attention, and reveal opportunities to reduce risk-all while aiding with GDPR, SOX, ISO 27001, SOC 2, and other compliance initiatives.

RSA Announces New Windows Desktop Login and Entra ID Passwordless Solutions

RSA also announced additional passwordless features to RSA^® ID Plus, the complete identity security platform, that help organisations accelerate deployment of phishing-resistant passwordless solutions across their entire environment, reducing risks, modernizing authentication, and driving efficiency:

• Passwordless support for Windows Desktop Login and Entra ID: ID Plus now supports mobile passkeys and QR codes to complete Windows log-in. ID Plus will add Entra ID support in July.
• One-step enrollment process: Starting in July, users will be able to enroll new RSA mobile passkeys and other RSA MFA methods via a one-step enrollment process that eliminates delays and reduces help desk support.
• Code matching for RADIUS: Organizations operating in RADIUS environments can now deploy code matching to reduce the risk of prompt bombing and ensure legacy architecture stays operational.

These new passwordless enhancements are fortified by deep security innovations that protect organisations against post-passwordless threats. The newly-announced RSA Help Desk Live Verify (patent pending), only available through ID Plus, uses passwordless bi-directional identity verification to stop help desk scams like the recent attack on Marks & Spencer, Christian Dior, Co-Op, and MGM Resorts. RSA Mobile Lock secures the authentication process itself by scanning devices for app tampering, malware, sideloading, jailbreaking, and AiTM attacks.