Wedges - Feb 2026
Last update: 2026-02-14
| Wedge | Job Area | Customer Pain | What We Deliver (MVV) |
|---|---|---|---|
| W1 – LAND | Discover Autonomous Execution | I don’t know what automations exist or which are AI-enabled | Deterministic inventory of automations + execution identities in ServiceNow + Foundry |
| W1 – LAND | Understand Data Reachability | “So what?” — I can’t tie bots to sensitive data | Risk-first list view where each finding shows automation → identity → system → data domain; expandable mini-graph per finding |
| W1 – LAND | Classify Egress (LLM/External/Internal/Unknown) | I can’t tell which automations are sending data to LLMs or outside the enterprise boundary | Deterministic egress host/base URL extraction + category badge/filter per finding (no payload inspection) |
| W1 – LAND | Detect Ownership Decay | Owners leave; no one reviewing automations | Ownership health surfaced as badge + filter in risk list; detailed evidence panel per finding |
| W1 – LAND | Surface High-Risk Cases | Too many signals, no prioritization | Dashboard “Top Risks” list (top 10) with badges for data domain, LLM/egress, ownership, drift; expandable deterministic path view |
| W1 – LAND | Communicate Risk | Hard to explain AI automation risk to ELT | One-page executive brief (generated PDF) + per-finding evidence snapshot (deterministic path + source references) |
| W2 – EMBED | Gate AI Before Production | Security is asked to approve blindly | Risk scan triggered at prod deployment event; models execution authority against current prod state |
| W2 – EMBED | Provide Deterministic Risk | “Is it safe?” is subjective | Deterministic execution authority report for the specific workflow being deployed (same path view + evidence model as W1) |
| W2 – EMBED | Detect Drift / Compare Against Baseline | Approval today ≠ safe tomorrow | Drift delta from last approved version, shown as structured change summary in report |
| W2 – EMBED | Detect Drift (Existing Estate) | Risk accumulates silently over time | Drift badge + filter on the estate view; “What changed” section inside each finding detail view |
| W2 – EMBED | Create Audit Evidence | No proof of due diligence | Downloadable evidence bundle (execution path, identities, data domains, timestamps) |
| W2 – EMBED | Enable Clear Decision | No formal AI governance checkpoint | Evidence output + per-finding disposition field (Reviewed / Accepted risk / Needs remediation / Blocked externally) |
| W3 – CATEGORY | Maintain NHI Inventory | No clear inventory of machine identities | Cross-system non-human identity inventory: SPs, managed identities, API tokens, automation accounts |
| W3 – CATEGORY | Detect Authority Expansion | Permissions compound silently | Privilege & integration drift detection |
| W3 – CATEGORY | Model Compounding Risk | Authority compounds across systems | Cross-plane authority correlation |
| W3 – CATEGORY | Monitor Risk Over Time | No way to show AI risk improving or worsening | Risk trend dashboard |
| W3 – CATEGORY | Feed Security Ops | No operationalization of AI identity risk | SOC-ready risk signals - "risk signal" export |
| W3 – CATEGORY | Reduce Exposure | No guidance on tightening NHI risk | Exposure reduction guidance |