Early access — limited seats

Your LDAP directory.
Your audit evidence.
Finally unified.

Full LDAP management, automated access reviews, SoD enforcement, and cryptographically signed compliance evidence — in one tool. No enterprise contract. No six-month implementation.

87% of mid-market orgs still use spreadsheets for access reviews
3+ wks of IT time burned per quarterly review cycle
$75k+ minimum entry price for the next tool that does this
No spam. No sales calls. Just a heads-up when we're ready.
The problem

Compliance season shouldn't
require a week of Excel hell

Every quarter, the same ritual. Export. Massage JSON. Email managers. Chase approvals. Screenshot. Zip. Pray the auditor accepts it.

01
Native tooling produces unusable output

Windows Event Viewer exports raw JSON embedded in CSV. Microsoft's own documentation says you need to open Excel, run Power Query, apply a JSON transform, and manually filter columns just to see who accessed what.

"The data in the CSV is not organised and is basically garbage." — Microsoft Q&A, migrated from Support Community
02
Enterprise IGA tools start at $75k and take 6 months

SailPoint's professional services costs routinely run 2–3× the software license. Implementation takes 4–12 months. The tool assumes you already know who has access to what — which is the problem you were trying to solve.

"It requires a considerable amount of customization to get it to work." — G2 review, SailPoint IdentityIQ
03
Excel-based reviews fail ISO 27001 auditors on principle

Auditors specifically call out that spreadsheet reviews are untrustworthy because cells can be edited after the fact. There's no integrity proof, no documented frequency rationale, and no continuous improvement evidence.

"Excel-based reviews: no frequency rationale, no evidence of improvement, no data integrity." — Zluri ISO 27001 guide
What we built

Five modules.
One connected system.

Every pillar feeds the next. Admin changes become audit events. Audit events become review evidence. Evidence becomes signed packages your auditor can verify.

Admin
LDAP directory management
  • Full CRUD — add, modify, delete, rename
  • Schema browser
  • LDIF import / export
  • Bulk operations
  • OpenLDAP, AD, 389 DS
Reviews
Access review lifecycle
  • Campaign management
  • Manager-in-the-loop UI
  • Bulk approve / revoke
  • Auto-revoke on expiry
  • Recurring schedules
SoD
Separation of duties engine
  • Policy engine with BLOCK / ALERT
  • Batch scanning
  • Policy exemptions
  • Conflict visualization
  • Pre-grant enforcement
Audit
Audit trail & monitoring
  • 30+ action types
  • LDAP changelog polling
  • SIEM export (Splunk / QRadar)
  • Real-time alerts
  • BambooHR JML events
Evidence
Compliance evidence packages
  • PDF audit reports
  • CSV entitlement exports
  • HMAC-signed manifest
  • ZIP evidence packages
  • SOC 2 / SOX framing
Why it matters

Two things no other tool
at this price point does

🔐
HMAC-signed evidence packages
Cryptographic integrity proof — every evidence ZIP ships with an HMAC-signed manifest. Auditors can verify the package was not modified after generation.
Directly answers ISO 27001 objections — auditors reject spreadsheets because cells can be edited. A verifiable manifest eliminates that objection entirely.
No other tool at any price tier does this — SailPoint, ConductorOne, and ManageEngine all produce unsigned exports. This is a defensible first-mover feature.
Full CRUD + compliance in one tool
Daily driver, not quarterly checkbox — admin tools keep you in the product every day, eliminating churn before audit season even starts.
Every write operation is auditable — LDAP changelog polling captures changes at the protocol level, not via unreliable Windows event log correlation.
Works across non-Microsoft directories — OpenLDAP, 389 Directory Server, and AD are all first-class. Not an afterthought connector.
Competitive landscape

The honest comparison

Feature dirIQ Cert. Center ManageEngine SailPoint
Full LDAP CRUD
OpenLDAP support
Access review campaigns ~
SoD policy engine
BambooHR JML integration ~
HMAC-signed evidence
SIEM export
Setup time Minutes Minutes Days (agent) 4–12 months
Starting price TBD — tell us ~$5k/yr ~$8k/yr $75k+/yr
Early access

Be the first to replace
your spreadsheet ritual

We're onboarding a small group of design partners. You get early access and direct input on the product. We get real-world feedback. No commitment required.

No spam. No sales calls. Just a heads-up when we're ready.