Authors: Ajay Srinivas and Mark Bruce

This blog also appears on

What Are Audit Events?

Audit events are critical to our clients for various reasons — most notably, compliance and troubleshooting. SailPoint’s Identity Security Platform audits all important changes to an identity such as role assignments, password change activities, access requests, and more.

Audit events emitted by many different micro-services within the platform are processed asynchronously by the Audit service which normalizes the data to make it suitable for search, then publishes the event onto a Kafka topic. …

Author: Caitlin Green

It’s been over a year since SailPoint moved away from having the majority of employees working in an office, moving further into our new fully-remote reality. In that year, our DevOps team has doubled in size with remote employees added from all over the world. Alongside this growth, and in the spirit of continuous improvement, we realized we needed to revisit our on-call procedures and technology. This front had not received much attention in the past as our on-call just worked, but we knew there was new technology available to us that could help us innovate in…

Photo by Ovinuchi Ejiohuo on Unsplash

Author: Justin Watkinson

Delivering applications quickly and safely is a major focus for the SailPoint DevOps team. You may even say we want them to be boring. Uneventful. Predictable. Reliable.

This past year we have adopted ArgoCD and the GitOps methodology into our production systems and wanted to share how we made our deployments boring. To make this a reality, we have chosen ArgoCD, an open-source CNCF project which provides continuous delivery capabilities to Kubernetes. ArgoCD combines git version control concepts and applies them to managing applications in Kuberentes via popular YAML management tools including Kustomize, Helm, and JSonnet.

SailPoint Kubernetes 1.0


Author: Alex Derzhi

One substantial challenge in reaching rapid CI/CD has been managing the risk inherent to all code changes. Maybe it works great in your dev environment but uses a resource not yet deployed to Production. Maybe it works great with test data, but a customer has an unusual or unsupported configuration that causes the new code to fail. Frequent, small changes significantly reduce that risk, but never to zero. These kinds of issues can cause an outage and tend to make engineers and managers hesitant to release code rapidly. …

Christine Whitlock, Product Manager at SailPoint, has been on our crew for 2.5 years, but her identity career began long before that. After graduating from The University of Texas Austin, she was still deciding what she wanted to do with her degree in management of information systems. Though she wasn’t in search of a job in identity, it found her by way of a consulting job at PwC (a global, SailPoint partner). …

Author: Matt Domsch

Identity security is theoretically easy when you can control all the parameters: all the actors, all the actions, all the environments top to bottom. Rarely are we in such a perfectly controllable world. In reality, multiple companies and products, each with their own approach and insight must work together to provide an overall security posture, exchanging data, events, and secure setup and configuration to enable each product to provide the facet of security for which it’s best.

In the world of identity security, three standards are emerging which enable this security mesh to operate effectively and efficiently…

Am I going to get a promotion this year?

It’s a question you’ve probably asked yourself at some point in your career. If you’re a manager, you’ve almost certainly heard it. At many companies, it’s not clear how best to answer it, or to answer the question behind it: What is expected of me to achieve a promotion to the next level?

Managers and their teams will feel righteously frustrated when they’re “flying blind” without knowing what is expected of them, and doubly so if they ever see someone else promoted and feel that the person didn’t earn it. …

Author: Jeff Upton

Event-Driven Integration with SailPoint

Many modern software architectures are implemented using event-driven programming. An event-driven program is designed to receive and react to events such as user clicks in a UI, object changes in a database, or messages originating from other subsystems in a distributed architecture. A state owner broadcasts predefined events when something changes in their system, and downstream consumers listen to those events and update their state accordingly. This allows decoupled, highly reactive, independent subsystems to all work in concert.

Event-driven programming lends itself well to integration use cases between SaaS applications from different vendors…

Author: Asanka Jayasuriya, CTO at SailPoint

One of my biggest passions as an engineering leader is fostering an environment of collaboration and transparency for my teams. This is important for all teams — but for distributed teams (which we are all on now) it’s critical. One of my strategies for achieving this is liberally stealing great ideas from the places that I’ve worked. Imitation is the best form of flattery and all that good stuff, right? In this case, we’re talking about the DACI process I stole errr… learned at Atlassian.

In a nutshell, the DACI is a framework for…

Author: Justin Watkinson

One trait I appreciate about the DevOps team at SailPoint is an attitude towards “the other CI” — Continuous Improvement. I believe it’s a habit of highly effective DevOps teams to be able to get things out to production quickly, but also be able to quickly iterate and improve upon that solution, striving for quality improvements upon each revision.

One morning, I was asked to deploy a SailPoint Predictive Identity stack in a new AWS region. …


SailPoint is the leader in identity security for the cloud enterprise, ensuring workers have the right access to do their job — no more, no less.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store