Available Now - Windows-Native Assessment Client

IdentityMRI

Assessment reports inspired by PingCastle, upgraded with advanced blast-radius analysis, direct links to vendor guidance, and clear PowerShell-based remediation steps.

Comprehensive Security Findings

Expandable findings cards with detailed impact analysis, compliance mapping, and actionable remediation guidance for every issue discovered

Try Live Demo - No Installation AI Breach Simulations Sample Assessment Report Learn More

Collapsible Findings (PingCastle-style) Microsoft/AWS/Vendor Docs Linked Blast Radius Analysis PowerShell Remediation Commands

Comprehensive Identity Security

Assess and secure identity infrastructure across all major platforms

Active Directory

Complete AD health assessment including domain controllers, replication, Group Policy, permissions, and security configurations.

Azure RBAC & Entra ID

Cloud identity security assessment including conditional access policies, MFA configuration, privileged roles, and integration health.

AWS IAM

AWS identity and access management assessment including IAM users, roles, policies, and resource permissions across all accounts.

Google Cloud IAM

GCP identity assessment including service accounts, IAM policies, organisation structure, and resource hierarchy.

Okta & SSO

Identity-as-a-Service platform assessment including user management, MFA policies, federation, and integration security.

<

Kubernetes RBAC

Container orchestration identity assessment including service accounts, RBAC policies, pod security, and cluster access controls.

Assessment vs Enforcement: Understanding IdentityMRI

IdentityMRI is designed for visibility and guidance, not automated enforcement

What IdentityMRI Does

Comprehensive Assessment: Deep analysis of your identity infrastructure without making changes

  • Read-Only Analysis: Examines configurations, permissions, and policies safely
  • Risk Identification: Discovers misconfigurations, over-privileged accounts, and compliance gaps
  • Blast Radius Analysis: Shows potential impact of security issues
  • Compliance Mapping: Links findings to frameworks like SOC 2, ISO 27001, GDPR
  • Remediation Guidance: Provides specific, actionable steps to fix issues
  • Executive Reporting: Audit-ready reports for stakeholders and auditors

What IdentityMRI Does NOT Do

No Automated Enforcement: We don't make changes to your systems or enforce policies

  • No Policy Enforcement: Won't automatically disable accounts or change permissions
  • No Real-Time Blocking: Doesn't prevent access or stop attacks in progress
  • No Automated Remediation: Provides guidance, but you implement the fixes
  • No Continuous Monitoring: Point-in-time assessments (can be scheduled)
  • No Incident Response: Assessment tool, not a security operations platform

Why This Design Matters

Benefits of Assessment-Only Approach

  • Zero Risk: No potential for system disruption or access issues
  • Complete Visibility: Unrestricted analysis of all identity components
  • Auditor-Approved: Read-only approach meets compliance requirements
  • Flexible Implementation: You control when and how to apply fixes
  • Learning Opportunity: Understand issues before automating solutions

When to Consider Enforcement

After establishing visibility with IdentityMRI, consider our future platform modules:

  • GovernX: Automated policy enforcement (Q1 2026)
  • TactitionX: SOAR playbooks for response (Q1 2026)
  • FlowGuard: Real-time threat prevention (Q1 2026)
  • FortifyX: Continuous monitoring & alerting (Q2 2026)

These modules are in private beta and will add enforcement capabilities to the platform.

Our Commitment to Honesty & Reliability

Security tools should tell the truth, even when it's uncomfortable. Here's how IdentityMRI delivers trustworthy results.

Honest Assessments

We admit what we know, what we infer, and what we don't know.

  • Evidence-Based Findings: Every issue shows why it exists with specific evidence
  • No Black-Box Scores: All risk assessments include detailed explanations
  • Conservative Language: We avoid overconfident claims about intent or impact
  • Clear Assumptions: When analysis relies on assumptions, we state them explicitly
  • Unknown Factors: Gaps in data are flagged, not guessed or filled with AI

Trustworthy Results

Run IdentityMRI twice and get consistent, explainable results.

  • Deterministic Scoring: Same input data produces identical risk scores
  • Versioned Rulesets: Analysis rules are versioned and documented
  • Timestamped Evidence: All findings include collection timestamps
  • Change Diffing: Between scans, we show exactly what changed and why
  • No Random Variation: Results don't wobble without environmental changes

Reliable Under Pressure

IdentityMRI works when you need it most - during incidents or audits.

  • Data Confidence Indicators: Every finding shows scan completeness percentage
  • Graceful Degradation: Partial data is flagged, not guessed or hidden
  • Incident-Ready: Works at 2am during breaches, not just 9am on Monday
  • No AI Guesswork: Unverifiable data gaps are clearly marked as such
  • Conservative Approach: We'd rather miss something than misrepresent it

Evidence-First Design

Our UI prioritizes facts over flash. Every finding includes clickable evidence, raw data views, and plain English explanations. No vague labels, no unprovable assertions, no over-animated dashboards that signal uncertainty.

What You'll See

  • Raw configuration data
  • Specific evidence citations
  • Change history between scans
  • Data collection timestamps
  • Scan completeness metrics

What We Don't Do

  • Guess unobservable intent
  • Fill data gaps with AI
  • Use flashy, uncertain UIs
  • Over-promise capabilities
  • Hide limitations or assumptions

This restraint is our biggest differentiator. We don't act unless we're sure. That discipline builds the credibility this market desperately needs.

AI-Powered Security Analysis

IdentityMRI leverages advanced AI engines to provide intelligent risk analysis, anomaly detection, and actionable remediation guidance.

Cognitia LLM Engine

Advanced machine learning for pattern recognition, threat correlation, and predictive risk scoring across identity systems.

Fidara AI Engine

Specialized AI for identity threat detection, behavioral analysis, and automated compliance mapping with business context.

AI Analysis Capabilities

  • Risk Scoring: Dynamic risk assessment with business impact
  • Anomaly Detection: Identify unusual access patterns
  • Threat Correlation: Connect disparate security events
  • Compliance Mapping: Automated framework alignment
  • Remediation Guidance: Prioritized action recommendations
  • Predictive Analysis: Forecast potential security issues

Compliance Automation

Automatic mapping to compliance frameworks with audit-ready reports

GDPR

Article 32 Security, DPIA, Records of Processing

ISO 27001

A.9 Access Control, A.12 Operations Security

SOC 2

CC6.1 Logical Access, CC7.1 System Monitoring

FedRAMP

AC-2 Account Management, IA-2 Authenticators

Report Formats

PDF Reports

Excel Analysis

Word Documents

JSON API

Pricing Information

Comprehensive pricing plans designed for organizations of all sizes

View Complete Pricing Details

Our pricing page contains detailed information about all available plans, features, and assessment options for IdentityMRI.

View Pricing Plans

All prices exclude VAT. Payment terms: 30 days. Annual contracts available.