SAIL · CIK 2030781

What SailPoint, Inc. told the SEC could break it.

2 self-disclosed vulnerabilities, pulled from its own filings — each in the company’s words, with the source. This is the risk register almost nobody reads.

A limited set so far — we surface every cited disclosure we’ve extracted for SAIL. More may follow as additional filings are processed.

In its own words

What could break it.

Regulatory & policy

US (EAR/OFAC) and Israeli encryption export controlsmedium
SailPoint's platform is subject to US Export Administration Regulations and OFAC sanctions plus Israeli export controls on encryption technology; changes to encryption-export requirements (or to its encryption methods) could impose additional compliance burdens and restrict sales.
“We are also subject to Israeli export controls on encryption technology for our platform and identity security solutions. If the applicable U.S. or Israeli requirements regarding export of encryption technology were to change or if we change the encryption means in our solutions, we may need to satisfy additional requirements in the United States or Israel.”
SEC filing →As of 2026

Geographic concentration

Israel R&D / operations (Middle East conflict)low
SailPoint performs a significant portion of its R&D internationally including in Tel Aviv, Israel; global/domestic political instability and Middle East conflict (Iran, Israel) have and may impact its operations.
“We have taken a global approach to building a robust research and development team, with engineers and team members located in the United States as well as internationally across India, Mexico, Israel, the United Kingdom, and Canada.”
SEC filing →As of 202644 others exposed to Israel →

In the MyPRIA app, this is checked against the companies you actually own.

← World Watch