Silverfort is redefining holistic identity security

Silverfort helped a popular grocery retailer meet cyber insurance deadlines by extending MFA to legacy systems and improving visibility across its hybrid environment.

August 21, 2025

Multifactor authentication (MFA) has become a standard part of our daily lives—but numerous enterprise environments still depend on critical infrastructure that predates today’s security standards. As a result, older organizations often operate in a hybrid mode, relying on a mix of on-premises legacy solutions and newer cloud-based ones. This makes comprehensive identity security a challenge.

That’s where Silverfort comes in. Founded in 2016 as part of the Microsoft for Startups Founders Hub, Silverfort is now a managed partner whose business runs almost completely on the Microsoft Cloud. Silverfort’s patented Runtime Access Protection (RAP) technology natively integrates with Microsoft Active Directory—extending MFA and modern identity protections to systems that have traditionally been left behind and enabling customers to meet modern cybersecurity requirements. Once integrated with Active Directory, RAP forwards a user's access request to Silverfort for analysis and triggers inline security controls if needed. “You need a tool that’s able to look at everything all at once and connect all the dots to make smart decisions,” explained Jonathan Nativ, Silverfort’s Senior Director of Strategic Alliances. “With our platform, you’re able to see everything that’s taking place from an identity perspective.”

Organizations often come to Silverfort in need of this expanded visibility—and sometimes they need it fast.

Closing gaps in identity protection

A large national supermarket chain approached Silverfort in late December 2022 looking to upgrade their identity security before the end of the year in order to meet cyber insurance requirements. Relying on a small security team to hit a deadline that was just days away, the retailer had already begun modernizing its identity infrastructure using Microsoft Entra ID and conditional access policies—but significant gaps remained. Dozens of legacy systems still lacked MFA enforcement. These critical systems were integral to daily operations but couldn’t be protected using standard MFA tools, leaving them vulnerable to cyber threats.

Compounding the complexity was the company’s limited visibility into a vast ecosystem of nonhuman identities, or service accounts, that had silently accumulated over years of growth. Without insight into these accounts, the risk of unnoticed brute-force attacks and unauthorized access loomed large, threatening compliance and operational continuity. “They thought maybe they had a couple hundred service accounts,” said Kara Kriegshauser, Enterprise Customer Success Manager at Silverfort. “They had thousands.”

A looming deadline. A security team responsible for managing a sprawling environment while juggling multiple competing priorities. The company faced mounting pressure to address their security gaps quickly, and they needed help.

“With our platform, you’re able to see everything that’s taking place from an identity perspective.”

—Jonathan Nativ, Senior Director of Strategic Alliances, Silverfort

Extending MFA and visibility across the enterprise

Partnering with the organization’s lean team, Silverfort quickly implemented their security platform. Functioning as a seamless second-layer authentication system, Silverfort evaluates sign-in attempts using risk-based algorithms and customer-defined policies, prompting users for MFA only when necessary. This risk-aware enforcement helped the grocery retailer secure critical systems while minimizing friction for legitimate users—making life easier for employees.

In addition to extending MFA, Silverfort provided crucial visibility into the retailer’s Active Directory environment, uncovering thousands of previously unknown service accounts, scripts, and automated processes. Using proprietary risk scoring, the platform prioritized these nonhuman identities by threat level, empowering the security team to focus remediation efforts where they were needed most.

“We were able to get everything up and running for them so that they met their cybersecurity requirements by the end of the year,” said Kriegshauser.

People sitting at a table working on laptops.

“We were able to get everything up and running for them so that [the customer] met their cybersecurity requirements by the end of the year.”

—Kara Kriegshauser, Enterprise Customer Success Manager, Silverfort

From urgent support to long-term partnership

With their insurance deadline met and expansion on the horizon, the customer is looking ahead at what comes next—including a possible Resident Expert Services engagement with Silverfort. Such a partnership could help them maintain compliance and improve operations as their security landscape inevitably grows. For a small IT department, this is no small thing.

“We can act as an extension of their team,” said Kriegshauser. “By offering a subject matter expert who can work as part of their team—and by using built-in integrations like our Entra ID Bridge—we can help bring Silverfort’s protection to their entire environment.”

In fact, Resident Expert Services could provide a significant growth opportunity for Silverfort across their portfolio of customers. “It could be great,” said Nativ. “There are so many companies that need the support.”

Explore more Partner Success stories

Discover how organizations like yours are using Microsoft technology to help customers solve challenges, drive results, and scale their businesses.

Browse all stories

This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.