Product Principles

Security-First

Build for least privilege, secure defaults, and clear auditability from day one.

Isolation-First Architecture

Use tenant-isolated data planes by default, with workspace-scoped product access and auditable administrative exceptions.

Wedge / MVP

Start with Discovery & Onboarding and an Access Explorer moment of value.

Primary Persona

Director of IAM: wants fast, defensible understanding of identity footprint and access exposure across key systems.

Control Surfaces in v0 Discovery

  • Principal (identity subject)
  • Account (authn identity record)
  • Entitlement (authz structure)
  • Resource (targets)
  • Cloud Account Boundary (AWS account / Azure subscription)

Moment of Value (<5 minutes)

After a first discovery run, provide:

  • Resource-centric: "Who has access to this?"
  • Principal-centric: "What access does this principal have?"
  • Access paths with drilldown and provenance.
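
One way the two views and their access paths could be computed from a single discovery graph, as an added example rather than the product's own code. The edge relations (`owns`, `member_of`, `grants`), the `kind:id` node naming, the provenance labels (source plus cloud account boundary) and all sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple

class Edge(NamedTuple):
    src: str         # "kind:id", e.g. "principal:alice"
    dst: str
    relation: str    # owns | member_of | grants (hypothetical relation names)
    provenance: str  # discovery source / cloud account boundary that reported the edge

EDGES = [  # constructed discovery output; every name and source label is made up
    Edge("principal:alice", "account:aws/alice", "owns", "idp-export"),
    Edge("principal:alice", "account:azure/alice@corp", "owns", "idp-export"),
    Edge("principal:bob", "account:aws/bob", "owns", "idp-export"),
    Edge("account:aws/alice", "entitlement:aws/role/Billing", "member_of", "aws:111111111111"),
    Edge("account:aws/bob", "entitlement:aws/group/Ops", "member_of", "aws:111111111111"),
    Edge("entitlement:aws/group/Ops", "entitlement:aws/role/Billing", "member_of", "aws:111111111111"),
    Edge("entitlement:aws/role/Billing", "resource:s3/invoices", "grants", "aws:111111111111"),
    Edge("account:azure/alice@corp", "entitlement:azure/role/Reader", "member_of", "azure:sub-0001"),
    Edge("entitlement:azure/role/Reader", "resource:blob/reports", "grants", "azure:sub-0001"),
]

def paths_from(start, edges):
    """Depth-first walk from start; yield each edge path that ends at a resource."""
    out = defaultdict(list)
    for e in edges:
        out[e.src].append(e)
    stack = [(start, [])]
    while stack:
        node, path = stack.pop()
        for e in out[node]:
            if any(e.dst in (p.src, p.dst) for p in path):
                continue  # nested entitlements can loop; never revisit a node
            if e.dst.startswith("resource:"):
                yield path + [e]
            else:
                stack.append((e.dst, path + [e]))

def access_of(principal, edges=EDGES):
    """Principal-centric view: resource -> list of access paths."""
    result = defaultdict(list)
    for p in paths_from(f"principal:{principal}", edges):
        result[p[-1].dst].append(p)
    return dict(result)

def who_has_access(resource, edges=EDGES):
    """Resource-centric view: principal -> list of access paths."""
    principals = sorted({e.src for e in edges if e.src.startswith("principal:")})
    hits = {p: [x for x in paths_from(p, edges) if x[-1].dst == f"resource:{resource}"] for p in principals}
    return {p: paths for p, paths in hits.items() if paths}
```

Each returned path is the ordered list of edges from principal to resource, so the drilldown can show every hop together with the source that reported it.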