Includes FortifyX Includes IdentityFirst Includes IdentityFirstMRI
The complete IdentityFirst platform. Everything in IdentityFirst, plus FortifyX near-real-time enforcement, active containment, JIT privilege elevation, and executive governance dashboards.
IdentityFirst-Enhanced builds on every capability in IdentityFirstMRI and IdentityFirst, adding the FortifyX active enforcement layer for organisations that need to act, not just observe.
FortifyX adds the active enforcement layer on top of IdentityFirst's monitoring and governance. Every enforcement action passes through blast radius analysis before execution.
Fabric Agent detects anomaly — high-risk access attempt, SoD violation, or privilege escalation
BlastRadiusEngine models the impact of any proposed action before it executes
Human-in-the-loop approval required for high-impact actions; low-risk actions auto-approved
Targeted containment: session revocation, account disable, privilege strip — scoped to identity
Every action is journalled. One-click rollback if the containment was a false positive
Tamper-evident audit trail with full evidence package for incident response
Act at the moment of risk, not after the fact
Enforce access policies in near-real-time at the point of request. Risk-based authentication step-ups, dynamic MFA challenges, and governed response to high-risk signals — all without disrupting legitimate users.
Zero standing privilege, time-bound access
Replace permanent privileged accounts with just-in-time elevation. Users request elevated access, the approval workflow triggers, access is granted for a defined window, then automatically expired. No standing privilege remains.
Isolate threats without a service desk ticket
When a threat is confirmed, containment executes within seconds — not hours. Session revocation, account disable, privilege strip. Blast radius is computed first; rollback is always one click away.
Tamper-evident record for compliance and IR
Every enforcement action generates a forensic evidence package: timeline, affected identities, before/after state, and approver chain. Audit entries are cryptographically chained — any tampering is immediately detectable.
Mean time to containment drops from hours (service desk) to seconds. FortifyX executes containment the moment the approval gates clear.
Eliminate permanent admin accounts. JIT elevation means privileged access exists only for the duration it's needed — then it's gone automatically.
Every containment action is journalled. If a response was a false positive, reverse it in one click. No runbooks, no manual cleanup.
Per-user, per-month pricing billed annually. Volume discounts apply automatically as your user count grows — no negotiation required.
Full platform · includes FortifyX enforcement
| User band | Per user / month | Billing |
|---|---|---|
| Up to 2,500 users | £22 | Annual, billed upfront |
| 2,501 – 10,000 users | £18 | Annual, billed upfront |
| 10,000+ users | £14 | Annual, billed upfront |
All prices ex. VAT. Minimum 12-month term. Upgrade from IdentityFirstMRI or IdentityFirst at any time — remaining contract value credited.
Not sure which tier is right for you?
Compare All ProductsFortifyX enforcement integrates with your existing identity infrastructure — no rip-and-replace required.
Conditional Access + PIM integration
CloudTrail + IAM policy enforcement
Group membership + account disable via WEF
PAM session revocation
Session management + policy push
Outbound events to SIEM / SOAR
IdentityFirst-Enhanced gives you everything: discovery, governance, and active enforcement. Deploy in days. Read-only by default. Enforcement only when you're ready.