Trust
Security-first architecture with provable enforcement.
Identity Armour is engineered for secure defaults, cryptographic proof of enforcement, and adaptive controls that respond to threats at machine speed—giving auditors, operators, and compliance teams evidence that holds up under scrutiny.
Identity & access controls
- Tenant-aware administrative roles with least-privilege defaults.
- Clear separation between platform operators and tenant administrators so changes are deliberate and traceable.
- Support for strong credentials, MFA at the console, and session policies aligned to your standards.
Data protection
- Encryption in transit (TLS) for management and data paths; encryption at rest where supported by your deployment backing store.
- Sanitized logging designed to avoid capturing sensitive payloads in plain text.
- Configurable telemetry retention so evidence you need for investigations does not outlive the policies you set.
Continuous evaluation & automated response
- Five-vector confidence scoring evaluates every request across device posture, behavioral analytics, geo-risk, session integrity, and anomaly detection.
- Adaptive per-identity baselines learn normal behavior using EWMA, flagging deviations without relying on static thresholds.
- Automated playbooks respond at machine speed: suspend, quarantine, revoke, or escalate based on real-time signals.
Audit & compliance
- Cryptographically signed revocation receipts provide tamper-evident proof of enforcement for auditors and compliance teams.
- Formal access review campaigns with reviewer-driven decisions, lifecycle management, and audit-ready decision trails.
- Risk-triggered session recording with privacy-aware redaction and AI-powered analysis for accelerated incident investigation.
- SIEM/GRC export with structured event schemas aligned to SOC 2, ISO 27001, and sector-specific frameworks.
Vulnerability management & resilience
- We maintain a vulnerability management process for components we ship, prioritize fixes by severity, and communicate material issues to affected customers.
- Service architecture targets high availability for cloud-hosted deployments; exact targets and credits, if any, are defined in your agreement.
- Customers with coordinated disclosure programs may request our security contact through hello@identityarmour.com.
Shared responsibility
Identity Armour is one component of your security and compliance program. You remain responsible for how you host or connect infrastructure, configure identity providers, classify data, and operate surrounding detective and corrective controls. We focus on delivering trustworthy identity governance and runtime risk evaluation with evidence you can operationalize.