Sign inBook a demo
Demo · Free risk scan

See your first machine-identity trust path
in under ten minutes.

Two ways in. Talk to the founder for a guided walkthrough, or run a free read-only scan against your environment and skip the meeting.
Free scan

Report assembled

Ready
  1. Read-only connector verified
  2. Trust path resolved across four hops
  3. Owner-ready fix simulated
Self-serve · Free

Run a free risk scan.

No card. No demo call required. Read-only scan of one AWS account or one Kubernetes cluster, returns a real finding report you can share with your team.

  1. 01
    Connect read-only credentials

    Pick AWS, Kubernetes, or GitHub Actions. We auto-generate a least-privilege IAM role or kubeconfig context. No write scopes are ever requested.

  2. 02
    Identrail builds the trust graph

    Identities, role chains, OIDC trust policies, RBAC bindings and resource ACLs are resolved into a single graph. Average scan time: under ten minutes for a single account or cluster.

  3. 03
    Get the report

    Findings sorted by reachable resource sensitivity. Each finding includes the path, the evidence, the named owner, and the smallest safe fix — simulated against your last 30 days of activity.

Prefer self-host? The same scan ships in the open-source repo. Contributing.

Talk to the founder

Book a 15-minute walkthrough.

Oluwatobi runs every demo personally right now. Bring a stack diagram if you have one — we'll use it.

We reply within one business day.

Or pick a slot directly
Read-only by design

Connector setup uses scoped read credentials. Nothing is mutated unless you explicitly enable enforcement later.

No agent

No long-running daemon in your environment. Scans run from our infrastructure or from your own when you self-host.

Your data stays yours

You can revoke connector access at any moment. Findings export cleanly and can be deleted on request.

Read the security and compliance posture