RoleDrift

RoleDrift is a web app (with optional Slack/Teams integration) that continuously detects and fixes “role drift” in SaaS and cloud access—when employees accumulate permissions over time that no longer match their job. It connects to common systems (Okta/Azure AD, Google Workspace, AWS IAM, GitHub, Jira, Salesforce) and builds a living map of who has access to what, then flags risky anomalies: ex-employees still in privileged groups, contractors with admin rights, dormant accounts, and privilege spikes after role changes. The product focuses on practical remediation, not dashboards: it generates one-click change sets (remove group, downgrade role, revoke token) with approvals and audit trails. It’s a combination traditional + AI app: AI helps summarize why access looks wrong and suggests least-privilege roles, but all actions remain policy- and approval-driven to avoid dangerous automation. Expect some connector edge cases and org-specific politics—this isn’t magic, but it’s measurable risk reduction.