PrivyAudit

PrivyAudit is a web app (with an optional lightweight desktop agent) that continuously answers a painful question: “Who has access to what, and why?” It connects to your existing identity stack (Okta/Azure AD), cloud IAM (AWS/GCP/Azure), and key SaaS apps (Google Workspace, GitHub, Salesforce) to build a unified, evidence-ready access graph. It detects toxic combinations (e.g., admin + billing), stale entitlements, shadow admins, and access paths created by nested groups and role chaining. The product generates auditor-friendly reports (SOC 2, ISO 27001) and provides a remediation workflow: propose least-privilege changes, open tickets, and track approvals. This is a combined traditional and AI app: AI helps summarize findings, draft remediation plans, and explain complex access paths in plain English, but the core value is deterministic access mapping and policy checks.
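The deterministic part of that description (resolving nested groups and role chaining into effective access, then checking a toxic-combination policy with the path as evidence) can be sketched as follows. This is an added example, not PrivyAudit's code; the graph, the `GRANTS` mapping, the `TOXIC` policy, and all function names are constructed for illustration.

```python
from collections import deque

# Constructed sample data (not from any real tenant): edges point from a
# principal or group to whatever it is a member of or is allowed to assume.
EDGES = {
    "user:alice": ["group:platform-eng"],
    "user:bob": ["group:finance", "group:contractors"],
    "group:platform-eng": ["group:ops-leads"],       # nested group
    "group:ops-leads": ["role:cloud-admin"],
    "group:contractors": ["role:deploy-bot"],
    "role:deploy-bot": ["role:cloud-admin"],          # role chaining
    "group:finance": ["role:billing-manager"],
    "user:carol": ["group:finance", "group:ops-leads"],
}
# Hypothetical mapping of terminal roles to the entitlement they grant.
GRANTS = {"role:cloud-admin": "admin", "role:billing-manager": "billing"}
# Policy: entitlement sets that no single principal may hold together.
TOXIC = [frozenset({"admin", "billing"})]

def access_paths(principal, edges=EDGES, grants=GRANTS):
    """Return {entitlement: shortest path} found by BFS; safe on cycles."""
    found, seen, queue = {}, {principal}, deque([[principal]])
    while queue:
        path = queue.popleft()
        node = path[-1]
        if node in grants and grants[node] not in found:
            found[grants[node]] = path
        for nxt in edges.get(node, []):
            if nxt not in seen:          # visited set stops group loops
                seen.add(nxt)
                queue.append(path + [nxt])
    return found

def toxic_findings(edges=EDGES, grants=GRANTS, toxic=TOXIC):
    """List (principal, combo, evidence paths) for each policy violation."""
    findings = []
    for principal in sorted(p for p in edges if p.startswith("user:")):
        paths = access_paths(principal, edges, grants)
        for combo in toxic:
            if combo <= set(paths):
                evidence = {e: " -> ".join(paths[e]) for e in sorted(combo)}
                findings.append((principal, sorted(combo), evidence))
    return findings

if __name__ == "__main__":
    for who, combo, evidence in toxic_findings():
        print(who, combo, evidence)
```

In the sample graph, `user:bob` never appears in an admin group yet reaches `admin` through a chained role, which is the kind of indirect path a flat membership export would miss.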
