Private Beta (Invitation Only)

IdentityFirst Platform & IdentityShield Roadmap

Transparency over hype: the 12 IdentityFirst Platform modules and the IdentityShield detection layer are in design/beta, evolving with select pilot customers.

IdentityFirst Platform MVP GA Date: January 2026

IdentityShield Beta MVP GA Date: June 2026

Where each product stands today

We build trust through clarity. IdentityHealthCheck is production-ready; IdentityFirst Platform and IdentityShield are in private beta with limited seats.

IdentityHealthCheck

General availability

  • Read-only assessments
  • Multi-format reporting
  • Available to all customers

IdentityFirst Platform

Private beta roadmap

  • Modular microservices
  • Requires NDA & pilot
  • No GA date set

IdentityShield

Detection & response beta

  • MFA abuse detection focus
  • Integrates with FlowGuard
  • Invite-only testing

Important context

Everything below is roadmap information for IdentityFirst Platform modules and the IdentityShield beta. None of these modules are commercially available today.

We publish the detail so customers understand what we are building and can decide whether to join the private beta. IdentityHealthCheck remains our only production offering.

Platform Architecture (roadmap)

Architecture diagrams and descriptions reflect the current engineering plan and may change during beta. No production SLAs exist yet.

Microservices Architecture

Each module operates as an independent FastAPI service, enabling:

  • Independent Scaling: Scale modules based on demand
  • Fault Isolation: Module failures don't cascade
  • Easy Updates: Deploy module updates without downtime
  • Technology Freedom: Best tool for each job

AI-First Design

Every module integrates with our AI engines:

  • Cognitia: Ollama-based local LLM for threat analysis
  • Fidara AI: Explainable reasoning with 6 personas
  • No Cloud Lock-in: Runs entirely on-premises
  • Privacy First: Your data never leaves your infrastructure

Integration Points

# All modules expose REST APIs
GET /api/flowguard/health
GET /api/fortress/snapshots
GET /api/sentiencex/anomalies

# Unified authentication
Authorization: Bearer {jwt_token}

# Real-time events via WebSocket
ws://localhost:8001/ws/alerts

Defense Layer

Real-time threat detection and prevention

Concepts only: specifications below describe what we are building, not what is currently shipping.

FlowGuard

MFA Fatigue Defense

Roadmap purpose: Detect and prevent MFA fatigue attacks in real-time

Target capabilities:

  • 6 detection patterns for MFA abuse
  • Real-time WebSocket alerts
  • Duo Security connector
  • Automated response policies
  • Historical pattern analysis

Planned technical details:

# Detection patterns
- Rapid MFA requests (>5/min)
- Off-hours MFA spam
- Geographic anomalies
- Behavioral deviations
- Known attack signatures
- ML-based anomalies
Private Beta 900 LOC
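
As an added illustration (not IdentityFirst's code or FlowGuard's API), the first two planned patterns can be expressed as a per-user sliding window over MFA push events. The function names, the business-hours range, the off-hours threshold and the sample events are assumptions; only the ">5/min" limit comes from the list above.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

RATE_LIMIT = 5                   # from the page: more than 5 requests per minute
WINDOW = timedelta(minutes=1)
BUSINESS_HOURS = range(8, 18)    # assumption: 08:00-17:59 UTC is on-hours
OFF_HOURS_LIMIT = 3              # assumption: >3 off-hours prompts per window


def detect_mfa_abuse(events):
    """Return (user, pattern, timestamp, count) findings.

    events: (user, datetime) MFA push requests in time order.
    A pattern fires once per burst and re-arms when the window count
    falls back to or below its threshold.
    """
    windows = defaultdict(deque)   # user -> timestamps inside the window
    active = defaultdict(set)      # user -> patterns currently firing
    findings = []
    for user, ts in events:
        win = windows[user]
        win.append(ts)
        while ts - win[0] >= WINDOW:   # evict requests older than one minute
            win.popleft()
        off_hours = sum(1 for t in win if t.hour not in BUSINESS_HOURS)
        checks = {
            "rapid_mfa_requests": (len(win) > RATE_LIMIT, len(win)),
            "off_hours_mfa_spam": (off_hours > OFF_HOURS_LIMIT, off_hours),
        }
        for pattern, (hit, count) in checks.items():
            if hit and pattern not in active[user]:
                active[user].add(pattern)
                findings.append((user, pattern, ts, count))
            elif not hit:
                active[user].discard(pattern)
    return findings


def sample_events():
    """Constructed data: one quiet user and one burst of 15 prompts in 2 minutes."""
    night = datetime(2025, 1, 6, 2, 0, tzinfo=timezone.utc)   # off-hours
    burst = [("victim@example.com", night + timedelta(seconds=8 * i)) for i in range(15)]
    day = datetime(2025, 1, 6, 10, 0, tzinfo=timezone.utc)
    quiet = [("alice@example.com", day + timedelta(minutes=30 * i)) for i in range(4)]
    return sorted(burst + quiet, key=lambda e: e[1])


if __name__ == "__main__":
    for finding in detect_mfa_abuse(sample_events()):
        print(finding)
```

Because each pattern is latched per user, a sustained burst yields one finding per pattern rather than one alert per push, which keeps the alert stream usable during an active attack.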

OpenView

Health Monitoring

Roadmap purpose: Continuous identity infrastructure health monitoring

Target capabilities:

  • Active Directory health checks
  • Azure RBAC service monitoring
  • Entra ID, AWS IAM, Google IAM, etc.
  • DNS and GPO validation
  • Replication status tracking
  • Certificate expiration alerts
  • Drift Detection

Proposed monitoring scope:

# Monitored services
- AD Domain Controllers
- Entra ID Connect
- DNS Zones
- Group Policy Objects
- Certificate Authorities
- LDAP Services
Private Beta 750 LOC

Recovery Layer

Rapid incident response and identity restoration

Fortress

Identity Recovery

Roadmap purpose: Cleanroom identity recovery with snapshot comparison

Target capabilities:

  • Snapshot comparison engine
  • Detection of 5 change categories
  • Blast radius calculation
  • Recovery orchestration
  • SID preservation (roadmap)

Recovery Process:

# Recovery workflow
1. Take pre-incident snapshot
2. Detect compromise
3. Compare snapshots
4. Calculate blast radius
5. Generate recovery plan
6. Execute rollback
Private Beta 600 LOC

TactitionX

SOAR Playbooks

Roadmap purpose: Security orchestration and automated response

Target capabilities:

  • YAML-based playbook definitions
  • Manual trigger execution
  • 3 pre-built playbooks
  • Audit trail generation
  • Fidara AI integration

Playbook Examples:

# Available playbooks
- Account Lockout
- Privilege Revocation
- MFA Enforcement

# YAML definition
name: "Account Lockout"
trigger: manual
steps: [disable, notify, log]
Private Beta 800 LOC

Analytics Layer

AI-powered insights and behavioral analysis

SentienceX

Behavioral Analytics

Roadmap purpose: AI-driven behavioral threat intelligence

Target capabilities:

  • Behavioral baseline establishment
  • Cognitia AI integration
  • Anomaly detection engine
  • MISP threat intelligence
  • Real-time event correlation

Analysis Pipeline:

# AI-powered detection
1. Collect user behavior
2. Establish baselines
3. Detect anomalies
4. Query Cognitia AI
5. Generate threat score
6. Trigger response
Private Beta 750 LOC

LedgerX

License Analytics

Roadmap purpose: License optimization and ROI reporting

Target capabilities:

  • M365/Azure AD license tracking
  • Waste detection algorithms
  • ROI calculation engine
  • Usage correlation analysis
  • Cost attribution reporting

Tracked Platforms:

# Supported platforms
- Microsoft 365
- Entra ID Premium
- AWS IAM licenses
- Okta subscriptions
- Third-party tools
- IGA tools
- PAM solutions

# Waste detection
- Unused licenses (>90 days)
- Over-provisioning
- Duplicate assignments
Private Beta 650 LOC

RiskQuant

Risk Scoring

Roadmap purpose: Quantitative identity risk assessment

Target capabilities:

  • Risk scoring algorithms
  • Business impact analysis
  • Threat modeling engine
  • Compliance gap detection
  • Executive dashboards

Risk Calculation:

# Risk formula
Risk Score =
  (Likelihood × Impact) +
  Vulnerability Score -
  Control Effectiveness

# Scoring range: 0-100
Critical: 80-100
High: 60-79
Medium: 40-59
Low: 0-39
Private Beta 580 LOC

Governance Layer

Policy enforcement and compliance orchestration

GovernX

Governance

Roadmap purpose: Identity governance and compliance automation

Target capabilities:

  • Policy lifecycle management
  • Automated enforcement
  • Access certification
  • Audit trail generation
  • Compliance reporting

Governance Workflows:

# Policy enforcement
- Define policies (YAML)
- Assign to identities
- Monitor compliance
- Trigger violations
- Generate reports

# Access reviews
- Quarterly certification
- Manager approval
- Auto-revocation
Private Beta 700 LOC

ReformationX

Policy Mesh

Roadmap purpose: Federated policy orchestration across clouds

Target capabilities:

  • Multi-cloud policy federation
  • Unified policy language
  • AWS/Azure/GCP orchestration
  • Policy conflict resolution
  • Drift detection

Supported Platforms:

# Cloud providers
- AWS IAM Policies
- Azure RBAC
- GCP IAM
- Kubernetes RBAC

# Policy translation
universal_policy →
  aws_policy
  azure_policy
  gcp_policy
Private Beta 720 LOC

Specialized Modules

Purpose-built solutions for modern challenges

GhostGrid

Non-Human Identity

Roadmap purpose: Lifecycle management for machine identities

Target capabilities:

  • Service account tracking
  • API key rotation
  • SPIFFE/SPIRE integration
  • IoT device management
  • Workload identity orchestration

Identity Types:

# Tracked identities
- Service Accounts
- API Keys
- OAuth Clients
- IoT Devices
- Container Workloads
- Serverless Functions

# Auto-rotation
- 90-day key lifecycle
- Zero-downtime rotation
Private Beta 680 LOC

SupplyID

Supply Chain Identity

Roadmap purpose: Third-party vendor identity management

Target capabilities:

  • Vendor identity tracking
  • Security posture monitoring
  • Access pattern analysis
  • Supply chain risk scoring
  • Vendor certification workflows

Vendor Management:

# Vendor lifecycle
1. Onboard vendor
2. Security questionnaire
3. Access provisioning
4. Continuous monitoring
5. Annual recertification
6. Offboarding

# Risk factors
- Security incidents
- Access violations
- Certification status
Private Beta 640 LOC

Fidara AI

AI Orchestration

Roadmap purpose: Explainable AI reasoning for security decisions

Target capabilities:

  • 6 specialized AI personas
  • Cognitia engine integration
  • Explainable reasoning
  • Context-aware responses
  • Multi-tenant orchestration

AI Personas:

# Available personas
- Security Analyst
- Compliance Officer
- Identity Architect
- Risk Manager
- Incident Responder
- Executive Advisor

# Cognitia connection
POST /api/cognitia/analyze
Response: Threat analysis
  with reasoning
Private Beta 850 LOC

How Modules Work Together

Example: MFA Fatigue Attack Response

Demonstrates cross-module integration for automated threat response:

# 1. FlowGuard detects MFA fatigue
FlowGuard → Alert: User "john@company.com" received 15 MFA requests in 2 minutes

# 2. SentienceX analyzes behavior
SentienceX → Query Cognitia: Is this anomalous for john@company.com?
Cognitia → Response: 95% confidence anomaly, typical rate is 2 MFA/hour

# 3. RiskQuant calculates risk
RiskQuant → Risk Score: 85/100 (Critical)
RiskQuant → Business Impact: Privileged account, access to finance systems

# 4. Fidara AI recommends response
Fidara AI → Recommendation: Immediate account lockout + investigation
Fidara AI → Reasoning: High-value target, attack pattern matches known campaigns

# 5. TactitionX executes playbook
TactitionX → Execute: "Account Lockout" playbook
TactitionX → Actions:
  - Disable account in AD
  - Revoke Azure AD sessions
  - Notify security team
  - Create incident ticket

# 6. GovernX logs compliance
GovernX → Audit Trail: Security response executed at 2025-11-09 14:23:00 UTC
GovernX → Compliance: Meets GDPR breach response timeline

# 7. Fortress prepares recovery
Fortress → Snapshot: Pre-attack identity state captured
Fortress → Recovery Plan: Ready if account compromise confirmed

# Total time: 45 seconds from detection to response

Cross-Module Benefits

  • Faster Response: Automated coordination reduces MTTR from hours to seconds
  • Better Decisions: AI analysis with business context improves accuracy
  • Complete Audit Trail: Every action logged across all modules
  • Unified View: Single pane of glass for all identity security events

Ready to Deploy the Complete Platform?

Join our pilot program and get early access to all 12 modules with a 50% first-year discount.