Pathlock’s newly appointed CEO Damon Tompkins says agentic AI is forcing enterprises to rethink identity security, shifting focus from static permissions to real-time monitoring of human and non-human identities.
We spoke with Tompkins about his first weeks in the CEO role and why he sees agentic AI as a new opportunity in identity security.
Pathlock appoints Damon Tompkins as CEO amid record growth
The company enters 2026 after finishing its strongest year to date, driven by what it calls record revenue growth in Q4 2025 and accelerated adoption of Pathlock Cloud.
Over the past year, Pathlock also invested heavily to further advance its fine-grained, behavior-based approach to identity governance designed for the AI era.
“In the 2010s, everyone was leading with ‘identity is the new perimeter,’ and that still happens, but I feel the last 6 to 12 months are moving from permissions into runtime and understanding what human and now non-human identities are doing, and where, and why,” Tompkins said.
Now, he said, the market demand for agentic AI is fueling a new interest in the capabilities Pathlock provides for its customers.
Why agentic AI is reshaping identity security strategy
Tompkins has spent the past three decades working in the governance, risk, compliance, and cybersecurity industries. To him, agentic AI deployments have altered the fundamental way teams need to approach those areas.
“Security has a close cousin called governance, and governance then has a not-so-distant cousin called assurance,” said Tompkins.
Tompkins explained that in traditional systems, those three aspects are separate functions with their own needs and processes.
“When you look at agents, the technology compresses all of that into a timeline where everything should be working harmoniously,” he added.
The compliance and audit implications of AI agents
Tompkins said agents pose unique challenges to teams especially when it comes to the assurance component of the equation.
For example, an agent can be granted the proper permissions with guardrails in place on what it can and cannot access to accomplish a task, but then the company still needs to keep logs of every action the agent made and what exactly it changed.
That work, Tompkins said, requires vast amounts of data to drive proper reporting for internal use and for compliance audits.
How Pathlock wants to differentiate from legacy identity vendors
Tompkins has worked at Pathlock since 2022 and stepped into the CEO role in January.
He told Channel Insider he sees an opportunity to bring a differentiated approach to a market segment that has been largely dominated by legacy players like Sailpoint.
The company’s portfolio provides fine-grained identity security and governance for business-critical applications, including SAP, Oracle, Dynamics 365, and others.
“We meet the customer where they’re at with the systems they are already using or transitioning to,” Tompkins said. “I really believe we have an alternative point of view to what has been brought to market previously, and we have the technology to back that up.”
Why the company continues to work with SIs and other channel partners
Pathlock’s channel ecosystem includes integrators, services providers, and a number of technology companies integrating solutions with Pathlock’s portfolio.
“We’ve put a lot of effort into communicating what we do and what we bring to SIs in particular,” Tompkins said.
“A lot of adoption is actually happening because organizations are undertaking other modernization projects and then identity-related needs arise from those,” Tompkins said.
“Because of that, we have an opportunity to help with future-state runways and long-term business planning customers are undertaking with partners,” he added.
As channel partners guide their customers through such projects, Tompkins and many in the security space are providing them with tools and resources to ensure those projects include the necessary compliance and governance capabilities.





