The Rubin Observatory – Shining a Light on Identity Dark Matter
Darran Rolls, CTO Identity Innovation Labs
A Monumental Moment
This week marks a significant milestone in astrophysics — the Rubin Observatory in Chile comes online. At the heart of this facility is the Legacy Survey of Space and Time (LSST), powered by a 3-ton, 3.2-gigapixel camera behind the largest optical lens ever made. Every night, it will capture high-resolution, full-spectrum images of the southern sky and make them publicly available for researchers in every field. Super exciting space-geek stuff! It’s so cool to see this come to life.
New Horizons
Just as Vera Rubin’s work proved the existence of dark matter and forever altered our understanding of the universe, in the world of Identity Governance and Administration (IGA) we are facing our own Rubin moment as we gain insights into the “identity dark matter” hidden inside today’s complex IT ecosystems. The recent research published by Orchid Security in their Top 10 Identity Gaps for 2025 report reveals a stark reality; more than 60% of organizations admit they have no accurate inventory of applications, users, and entitlements. This growing gap between the known-knowns and the unknown-unknowns is the identity management version of uncharted cosmic territory. The data underscores a simple truth: the biggest risks aren’t in the systems you govern, they are in the ones you don’t even know exist.
How Do we Manage This New Reality?
For me, platforms like Orchid Security represent the Rubin Observatory of IAM. Like the LSST’s survey being kicked off this week, Orchid continuously ingests and correlates identity, access, and application data from key application resource points across the environment. It reveals the unknown-unknowns (something you know I am passionate about), the unmanaged apps, the ghost accounts, the over-entitled service identities, and the undocumented access paths that traditional tools ignore.
Roy and the team at Orchid are at the forefront of identity observability. By enhancing traditional IGA tools with key discovery and observability signals, they can analyze and respond in real-time to hidden threats. Just as Rubin demonstrated that unseen forces shape our galaxy, Orchid reveals that unseen access shapes our risk landscape. By improving observability in identity, we can advance our approach to protecting, governing, and understanding identity infrastructure.
Go geek out on the crazy learnings coming from the Vera Rubin Observatory and let me know your thoughts!