The Complete Identity
Security Platform
23 modules. 14 Beta connectors. One platform to discover, monitor, govern, and respond to identity risk across your entire estate.
Built on Four Principles
Read-Only by Default
All connectors operate in discovery mode. Zero writes to target systems without explicit approval.
Human-in-the-Loop
Every write action requires explicit human approval. No automated changes to production systems.
Deploy in Days
No agents, no infrastructure changes. Push-connector architecture means you're live in 1–3 days.
Tamper-Evident Audit
HMAC-SHA256 hash chain per tenant. Every action is journaled, verifiable, and reversible.
23 Platform Modules
Every module ships as a standalone C# project with its own tests. No monolith.
Core
Canonical identity model, audit logging, capability gates, module registry
Governance
Drift engine, risk scoring engine, identity snapshots, DriftFinding
Approval Workflow
Human-in-the-loop write control, policy-based approval, timeout escalation
Rollback & Recovery
Write journal, rollback service, change reversal with full audit trail
OpenView
Identity view collection, change detection, Channel-based streaming
Data Normalisation
Source normalisation rules, 5 built-in rules, pluggable engine
Connector Framework
Registry, Polly-backed orchestrator, hosted service
IntelliCore
Governance intelligence, adaptive trust scoring, ReformationX, CognitiaEngine
Entitlement Valuation
Entitlement risk scoring, privilege-weighted valuation reports
Health Check Report
Board-ready PDF/HTML report generation with ICR score
Webhook Event Bus
Outbound webhook bridge for SIEM/SOAR integration (fabric.* events)
Anomaly Detection
Behavioural anomaly detection engine, fires into FabricAgents pipeline
Fabric Event Pipeline
Intra-process Channel-based event bus (no external dependencies)
Fabric Agents
30 AISF orchestration agents — the assessment intelligence layer
Session Capture
Session identity recording, chain resolution, graph projection
FortifyX™
Containment, blast radius modelling, forensic evidence, identity twin simulation
Lifecycle Management
SCIM 2.0 provisioning — joiner, mover, leaver automation
Access Review
Campaign lifecycle, reviewer assignment, decision recording
Policy Engine
SoD rules registry, 5 built-in conflict rules, ISoDPolicyEvaluator
Privileged Access
JIT elevation service, zero standing privilege cycle (request→approve→elevate→expire)
Audit Correlation
Cross-source event correlation engine — correlates events by identity across all connectors
Tenant Bootstrap
ZSP defaults, tenant initialisation pipeline
ICR (Coverage Ratio)
Identity Coverage Ratio: Discovery(30%) + Monitoring(25%) + Governance(25%) + Protection(15%) + Confidence(5%)
Connector Transparency
We publish our connector tier status. No inflated claims.
0
Real-tenant validated, load-tested, SLA-backed. We don’t have any yet. We’ll say so when we do.
14
Parser + unit tests exist. Push-receiver architecture. Actively seeking live-tenant validation. Suitable for POC.
35+
Smoke-tested adapters. Available for custom scoping. No production claim made.
Ready to See the Platform?
Book a demo or enquire about a 2-month Proof of Concept for your organisation.