Cloud Identity Summit 2017: Ping Identity news and strategy; plus reflections on the event

Ping Identity is partnering with Microsoft to connect on-premises apps to Azure AD; and sent signals that machine learning-based security is coming to their products soon.

Last week, I attended the Cloud Identity Summit for the first time. It’s hosted by Ping Identity, but only about a quarter of the content is dedicated to Ping—the rest is independent, community-driven content covering the whole of the identity management industry. As the EMM, EUC, and desktop virtualization space get even closer to identity management, the show was a clear choice to add to my schedule. Today I’ll write about Ping’s news and strategy; later this week I’ll cover identity trends and new things I learned.


Starting with the basics, in case you’re not familiar with Ping, they’re an identity and access management vendor founded in 2002, selling both cloud and on-premises products. You can read more in the introduction that I wrote early last year. Since then, they were acquired by a private equity firm, they themselves then acquired UnboundID to do customer identity and access management, and most recently, they announced a partnership with Microsoft.

Just last week at the show, they announced a new SDK for customer-facing app multi-factor authentication, along with new deployment services offerings. For readers, the bigger news actually came the prior week, with the general availability of the integration between PingAccess and the Microsoft Azure Active Directory Application Proxy. This enables AAD to connect to legacy on-premises applications that don’t use modern standards.

Other new things I learned about Ping are that currently, their customers are split about 50/50 between enterprise user-facing ID and consumer/customer-facing ID. They currently have about 5 million users in their cloud products. One of their goals this year is to automate more of their cloud deployment processes, and they’re working on re-platforming PingOne, their cloud-based enterprise identity product.

There was a lot of talk about machine learning at the show. Ping didn’t have anything to share about it in the roadmap for their own products, but the implication was apparent—something is coming very soon.

The most important thing that became clear is their relationship with Microsoft. We can assume that Microsoft Azure AD is going to become dominant for typical enterprise workforce ID because it’s linked with Office 365 and so easy to get with an Enterprise Agreement. This parallels how on-premises AD got so popular alongside Exchange. (Similarly, Google’s G Suite will be a natural identity choice for Gmail users.) Given this, we often wonder (as Gabe wrote in regards to some other Microsoft competitors) how vendors work with this dynamic.

When it comes to typical enterprise workforce ID, Ping is going the route of partnering with Microsoft instead of competing, as we can see with the PingAccess and AAD integration. Customers can also use PingFederate to connect their on-premises directories to AAD. When it comes to ID for customer/consumers, partners, extended enterprise, and IoT, though, there’s much less of an assumption that AAD will be the default, and that’s where Ping and other specialists will play.

A quick note about the show itself

Like I said, CIS has a community-driven vibe. It’s truly geeky and technical—and not to mention, influential. I saw gatherings of people from the likes of Google, VMware, Ping, Okta, Microsoft, other SaaS vendors, and customers, all talking together in the same room about what to do about upcoming identity developments. With sessions about subjects like machine learning, privacy, and the future, it would be easy for things to get abstract, but most of the sessions were actually really grounded.

The show also had a folksy vibe. It’s well over 1000 people, but you can tell it grew from a smaller range and still has a lot of those good qualities. For example, the main-stage keynotes still had jokes and pop culture references, and it moves around to different cities every year so that people can bring their families and get a taste of multiple locations. Next year the name is changing to “Identiverse,” and I’ll plan to head back.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.