Skip to main content
Public website
Public website surface Marketing and explanation content. This is not the canonical authenticated runtime.
Canonical runtime: app.identityfirst.net
Identity Security Assessments

Your Identity Security
Assessment Hub

Every organisation has a different identity estate. We assess all of it — on-premises, cloud, hybrid, multi-directory. Start with one environment. Expand as you grow in confidence.

Read-only by default Deploy in days Board-ready reports Cyber Essentials Certified
Start Your Assessment 9 connectors available

Choose your assessment

Select the assessment that matches your most pressing identity risk. Each one delivers a prioritised finding report within days of connection.

Active Directory Assessment

Stale accounts, shadow admins, Kerberoastable SPNs, privilege drift. No agents. Read-only via Windows Event Forwarding.

Learn more

Microsoft Entra ID Review

Global Admin exposure, Conditional Access gaps, PIM configuration, and risky sign-in events. Read-only via Microsoft Graph.

Learn more

Full Estate Assessment (IdentityFirstMRI™)

Cross-source identity graph spanning AD, Entra, AWS, GCP, Okta, and more. Unified risk register with blast-radius scoring.

Learn more

Continuous Monitoring

Move beyond point-in-time assessment. Detect drift, privilege creep, and anomalous behaviour through scheduled scans across your entire identity estate (Core tier and above).

Learn more

Why start with an assessment?

Identity is the #1 attack vector. An assessment gives you the baseline evidence to prioritise remediation, justify investment, and demonstrate security maturity to customers, auditors, and the board.

You can’t secure what you can’t see

Shadow admin accounts, orphaned service principals, and stale identities accumulate silently. An automated assessment makes the invisible visible — across every connected source, not just the systems you already know about.

Identity is the #1 attack vector

The 2024 Verizon DBIR found that 68% of breaches involved the human element, with credential abuse and privilege exploitation as the dominant techniques. Defending identity is defending the perimeter.

Automated beats manual

Manual audits take weeks and produce findings that are stale before the ink dries. Automated assessment against live data gives you a real baseline — and continuous monitoring keeps it current as your estate changes.

Board-level risk language

Technical findings translated into business risk. Executive summaries designed for the CEO, CFO, and non-technical board members — so security investment decisions are made with the right context, not gut instinct.

Sources we can assess

9 beta connectors across 23 platform modules. On-premises directories, cloud IAM, identity providers, SaaS applications, security platforms, and more.

On-premises directories

  • Active Directory (via WEF)
  • LDAP and OpenLDAP
  • FreeIPA
  • Samba AD

Cloud IAM & directories

  • Microsoft Entra ID
  • Entra ID Sign-In Logs
  • AWS IAM (CloudTrail)
  • GCP IAM (Audit Logs)
  • Google Workspace

Identity providers

  • Okta (System Logs)
  • Ping Identity
  • SailPoint IdentityNow
  • Saviynt
  • + Delinea, Jamf, Datadog Beta

Security platforms

  • CrowdStrike Identity
  • Microsoft Defender for Identity

ITSM & SaaS

  • ServiceNow
  • Salesforce
  • GitHub Enterprise
  • Jira, Confluence, GitLab

HR systems

  • Workday, BambooHR, HiBob
  • UKG, ADP, Personio, Rippling
  • Leaver detection & joiners correlation

Start your identity security assessment

Book a 30-minute scoping call. We’ll identify which connectors match your environment, confirm read-only access requirements, and schedule your first assessment. Scoped directly with you. No free trial and no overexposed public package promises.

Start Your Assessment Browse 9 connectors
  • Cyber Essentials Certified
  • ICO Registered (ZC031428)
  • UK-based team
  • Read-only, always