Skip to main content

SecurityV0 — Final Consolidated Report for CEO Review

Date: March 19, 2026

Prepared for: Sergey (CEO)

Prepared by: Ivan (CTO), synthesized from 7 independent research and review workstreams

The single line: We show what automations and non-human identities can actually execute across ServiceNow and Microsoft — and where that creates real risk.

North star: agentic AI and automation security and governance. Current wedge: a repeatable, time-boxed evaluation that exposes real execution authority across ServiceNow and Microsoft, shows drift and remediation guidance, and produces outputs partners and CISOs can use immediately.

1. What This Report Is Based On

This is not a new analysis. It consolidates everything we produced in the March 2026 sprint into one document, filtered through your market feedback and business direction.

SourceWhat It ContainsDate
Multi-Perspective Platform Review — Round 27-agent visual review of the live platform (35 screenshots). First review where agents actually SAW the rendered UI. MPAS-7 acceptance scores.Mar 19
Consolidated Action PlanPhased implementation plan (Phases 0-5) incorporating your 28 feedback items, cross-review corrections, and research findingsMar 19
RSAC 2026 Competitor AnalysisDeep analysis of Token Security, Geordie AI, Realm Labs, Fig Security — capabilities, funding, gaps, positioningMar 19
Competitor UX Analysis10 UX patterns from competitors mapped to our usability gaps — what to steal, what to skipMar 19
AutoResearchClaw Study23-stage scientific study: 50 synthetic NHI scenarios, 7 reviewer personas. Produced 5 findings about what actually moves acceptance scores. Full paper: Platform Evolution ResearchMar 18-19
Sergey Feedback TrackerYour 28 inline review comments — 3 done, 5 partial, 9 not started, 4 deferred, 5 open questionsMar 16
Sergey's field feedback (conversation, Mar 19)Your current read of the market after 2 weeks of CISO conversations with Isak. Not a formal market study — founder field signal that shapes this report's filter.Mar 19

2. Where We Are Today — Honest Assessment

The Platform

What works well (confirmed by all 7 reviewers):

  • Evidence engine has distinct capabilities — SHA256 integrity-hashed evidence packs, deterministic findings, named departed owners
  • Cross-system execution chain tracing (ServiceNow → OAuth → Azure SP → Permissions) — no competitor publicly shows this at equivalent granularity (based on public materials)
  • Cluster verdict sentences pass the 5-second comprehension test
  • New pages (Data Domains, Execution Chains) are strong additions
  • Impact scores correctly removed per your decision (PR #89)

What's broken:

  • 2 broken pages that any demo stakeholder hits within 3-4 clicks (scope_drift cluster, Exposure Detail)
  • Remediation still too generic — says "restrict access" instead of "remove role X from identity Y in system Z"
  • Breadcrumbs show 40-character hash IDs — screams "developer tool"
  • Zero compliance mapping visible in UI (OWASP mapping exists internally, not surfaced)
  • No export, no PDF, no way for a CISO to copy into PowerPoint

MPAS-7 Scores (Round 2):

RoleScoreTargetGap
CISO Executive68%≥85%-17%
SecOps Analyst74%≥80%-6%
Enterprise Executive (sellability)2.1/5≥3.5/5-1.4
CEO (your items)19/28 done≥24/28-5 items
Security Auditor0 CRITICAL0 CRITICALMet

Bottom line: Ready for internal demo. Not ready for design partner demo. The data engine is the moat — the presentation layer doesn't do it justice yet.

3. Market Reality — Founder Field Signal

This section captures Sergey's current read of the market based on 2 weeks of CISO conversations with Isak (March 2026). This is founder field signal — not a formal market study. It is the most current signal we have and it shapes every priority decision in this report. Claims below are inferences from these conversations unless otherwise noted.

What the field conversations showed

  1. All four RSAC competitors appear to have <$5M revenue despite being on the market for years (founder assessment based on public signals — not validated). Token ($32M raised), Geordie ($6.5M raised), Realm ($5M raised), Fig ($38M raised) — lots of funding, limited revenue proof.

  2. "Agentic AI security" as a category did not start budget conversations. 2 weeks of CISO conversations testing this positioning — the budget conversation didn't start until the framing narrowed to real execution authority across ServiceNow and Microsoft.

  3. The current wedge — real execution authority across ServiceNow and Microsoft — is where budget engagement started. When framed as NHI governance with execution-authority visibility and drift detection, CISOs began engaging on budget.

  4. Lifecycle management is huge — but we're 10-20% there. Auto-decommissioning orphaned identities requires the system to be absolutely confident it won't break anything. Rock-solid remediation guidance is the prerequisite.

  5. Not betting on behavior-based detection/response right now. The current wedge is deterministic governance, drift, and remediation guidance — not behavioral anomaly detection or real-time response.

  6. AI-driven remediation is huge IF it works. Requires full understanding of scope and business impact. "Big ticket item. But if it works, it's huge."

  7. CISOs want printouts for PowerPoint. Not dashboards. Not MCP. Printouts.

  8. MCP/AI features could spread focus. "Who are we selling to?" — losing focus is the worst thing right now.

  9. Reporting in readable CISO format (email + PDF) is the same tier as MCP. The difference is only in delivery format.

How this filters the action plan

Proposed ItemSergey's FilterVerdict
Fix broken pages, breadcrumbs, remediation namingCore quality — must shipDO
Compliance mapping (OWASP/NIST badges)Low effort, high credibility, partners ask for itDO
Report generator (PDF/email)"CISOs want printouts for PowerPoint" — this IS the product for partnersDO
Remediation with named objects + blast radiusFoundation for lifecycle management (10-20% → higher)DO
"What changed since yesterday" filterCritical for repeat usage of the productDO
MCP server / NL query interfaceCool, but "spreads focus — who are we selling to?"DEFER
Behavior-based detection/responseNot the current wedge — deterministic governance, drift, and remediation guidance come firstSKIP
Real-time intervention (Beam-style)Different product category. We're read-only by design.SKIP
ML-based risk scoringContradicts deterministic philosophy AND your "remove scores" decisionSKIP
Warm color palette / visual redesignFor the report template — not the platformLATER
What-if simulationDirectionally right (blast radius of a fix) but needs remediation foundation firstLATER
Free/open-source lead-gen toolsGood idea, wrong timeLATER

4. What We Have vs. What They Have — Through Your Lens

Our apparent moat (based on public competitor materials — not confirmed by product-level evaluation)

These are capabilities where no competitor publicly demonstrates equivalence based on websites, press coverage, and RSAC materials as of March 2026. Competitors may have unlisted capabilities; their unified graphs or agent telemetry may cover some of this ground in ways not visible from the outside.

  1. Cross-system execution chain tracing — ServiceNow → OAuth → Azure SP → Permissions as one deterministic chain. Token builds per-system identity graphs with entitlement mapping; their public materials don't show cross-system execution chain stitching at this granularity, though their unified graph may cover some of this. Geordie monitors per-agent behavior but emphasizes per-agent telemetry rather than cross-system authority chains.

  2. Temporal drift detection (core day-1 value) — version-history comparison for scope drift, ownership drift, reachability drift over time. Drift is core product value, not supporting detail — it is the primary mechanism for showing "what changed and why it matters." Drift rules compare current state to the oldest recorded entity version; the formal baseline subsystem (types/CRUD) exists but is not yet wired into the evaluation path. Strongest on Entra-ServiceNow; Azure Foundry evidence is partially inferred. Competitors offer posture management but don't emphasize drift-specific analysis in public materials.

  3. SHA256 integrity-hashed evidence packs — timestamped, version-chained bundles with per-finding integrity hashes. Packs are synthesized summaries (capped at 200 evidence rows, 50 versions, 100 events), not raw audit archives. The hash covers content but not timestamps or chain metadata, and packs live in a mutable MongoDB collection — this is tamper-detection, not cryptographic sealing or immutability. WORM storage and KMS signing are deferred to post-launch (see architecture doc Open Question #6). No equivalent structured evidence artifact visible in competitor products, though the capability is straightforward to replicate.

  4. Deterministic-only findings — no ML, no probabilistic scoring. Every finding is provable and walkable. Token uses ML for classification. Geordie uses dynamic scoring. In regulated/audit-heavy environments, provable findings are a differentiator, not a limitation.

  5. Read-only deployment — zero blast radius. Token auto-remediates. Geordie intervenes in agent execution. For risk-averse enterprise deployments, read-only is an advantage.

Our gaps that matter for selling TODAY

GapWhy It Matters NowCompetitor Reference
3 connectors vs. Token's 50+Existential for enterprise sales. No Entra+SNOW deployment can claim "100% NHI discovery."Token has AWS, Azure, GCP, Okta, GitHub, Snowflake, CyberArk, etc.
No named customersEveryone else has logos. Even anonymized case studies build credibility.Token: HPE, HiBob, Udemy, Elastic, Klaviyo, etc.
No compliance mapping in UIPartners ask "What's the OWASP impact?" — we have the mapping internally but it's invisibleGeordie: OWASP Agentic Top 10, ISO 42001, EU AI Act on the main dashboard
No report/export"CISOs want printouts for PowerPoint" — without this, 60-70% partner rewriteToken/Geordie have reports; Fig has pipeline health dashboards
Remediation doesn't name objectsCan't guide safe action without saying which specific role/identity/systemToken generates remediation scripts with system specifics

What your conversation revealed about Token specifically

Your inline reactions to Token's capabilities, mapped to where we stand:

Token CapabilityYour ReactionOur Status
Continuous Discovery (all NHIs)"Can we claim 100% NHIs if we deploy on Entra+SNOW?"No — 3 connectors. Honest answer: we find what we connect to.
AI Agent Intent Understanding"Our scope drift with the same intent. Interesting how they do it. Enforces intent-aligned least privilege — if it works, very strong."We detect scope drift (temporal comparison). We don't enforce. Read-only model.
Lifecycle Management (auto-decommission)"This is huge. Effectively taking remediation guidance and acting on it. We're 10-20% there. Top focus for 2026."Correct assessment. Our remediation must be rock-solid before we can act on it. Phase 0.1 (named remediation) is the first step.
Security Posture Management"Similar foundation to ours. Curious to see if right-sizing actually works."Overlap. Our approach is deterministic; theirs uses ML.
ITDR (anomaly detection)Not betting on behavior-based detection/response right now.Skip. Current wedge is deterministic governance and drift.
AI-Driven Remediation"Big ticket item. If it works, it's huge. Requires full understanding of scope + business impact."Future state. Prerequisite: remediation guidance must be perfect. We're building the foundation (Phase 0.1, Phase 4).

5. The Strategic Path — What to Build and Why

Principle: Engine → Presentation → Reports → Lifecycle

The research proved that the order matters and effects are multiplicative:

  • Engine completeness fixes alone: +9 points acceptance
  • Presentation clarity alone: +7 points acceptance
  • Both together: +19 points (not +16 — the interaction adds +3)

Doing presentation work on broken data doesn't stick. Doing reports before presentation is clear produces reports that need rewriting. The order is structurally required.

Phase 0: Fix Demo Blockers (1-2 sessions)

Why: Two broken pages kill any demo in 3-4 clicks. Doesn't matter how good the engine is if the prospect sees an error screen.

#FixEffort
1Fix scope_drift_sensitive cluster — either fix rendering or remove from cluster list<1 session
2Fix Exposure Detail — resolve EXP-hash → entity ID mapping<1 session

Phase 0.1: Remediation Foundation (2-3 sessions)

Why: You said lifecycle management is "top focus for 2026" and we're "10-20% there." Named remediation is the prerequisite. A partner can't sell "restrict access" — they can sell "Remove the 'Contributor' role from svc-foundry-ascribe-prod on the LLM Egress resource group."

What it enables later: When remediation names specific objects, we can calculate blast radius per fix. When blast radius is reliable, we can suggest auto-decommissioning. This is the staircase to lifecycle management.

#FixEffortBusiness Impact
3Complete remediation object naming — every action specifies which role, identity, system2-3 sessionsUnblocks partner demos. #1 cross-cutting issue across 5/7 reviewers.
4Add choke-point deduplication — "Applies across 3 clusters" when same fix solves multiple problemsIncluded aboveYour words: "Show where one fix reduces multiple exposures — that's the real value."

[RESOLVED — Mar 20]: Remediation blast radius: surface one strong business-impact detail per action (e.g., "this role grants write access to the patient-records data domain"). Not full dependency tree — keep it limited and actionable. Remediation must be handoff-ready for Jira or ServiceNow ticket creation.

Phase 1: Make It Sellable (5-7 sessions)

Why: The Enterprise Executive scored 2.1/5 on sellability. Partners would rewrite 60-70% of the output. These items make the platform look like a product, not a prototype.

#FixEffortWhy This Matters
5Fix breadcrumbs — no hash IDs in navigation1 sessionRemoves "developer tool" perception (flagged by 5/7 reviewers)
6Add compliance badges (OWASP ASI-03, NIST AC-2) on clusters and findings1-2 sessionsMapping exists — just needs rendering. Partners ask for it. Geordie has this. Category-defining for NHI governance.
7Invert cluster card hierarchy — verdict sentence dominant, path count secondaryLowToken validates this pattern works. Currently "13 Paths" dominates; should be "3 orphaned automations access patient records daily"
8Replace inventory stat cards with business metricsLow"Sensitive Domains Reached: 6" beats "Active Autonomous: 5 Identities"
9Add execution confidence labels (plain English)Low"Execution Confirmed" / "Standing Authority Only" — no ABC grades
10Add "What changed since yesterday" filterMediumYou said: "High priority — nobody asked yet but I expect this to be critical for repetitive use of the product."
11Fix sidebar navigation — add Execution Chains, Findings, ExposuresLowCurrently orphan pages unreachable from sidebar

Phase 2: Data Quality (2-4 sessions, parallel track)

Why: The research proved engine completeness has the highest per-item impact on acceptance scores. These are bugs, not features.

  • Fix added_roles in evidence packs — NOT A BUG (code audit Mar 21: field is correctly populated)
  • Fix posture summary path count discrepancy (32 vs 30) — root cause: cap in posture-service.ts
  • Populate target_resource in execution evidence — NOT A BUG (code audit Mar 21: connectors populate it)
  • Fix meta.bySeverity/byType scoping (page vs total) — root cause: page-scoped counts mixed with global total
  • NEW: Fix role_history evidence completeness mismatch (evaluator says "available", connector says "not implemented")

Phase 3: Reports — The Partner Product (9-14 sessions, next sprint)

Why: "CISOs want printouts for PowerPoint" and "Channel repackages on their own paper — executive output is critical, that's what they sell."

This is THE feature that turns SecurityV0 from an analyst tool into a partner-sellable product. The research found that a report generator drops partner rewrite from 60-65% to 15-20%.

Phase 3 is deliberately progressive — validate the template before committing to architecture:

Step 1: Template validation (this sprint, 3-5 sessions)

#ItemEffortKey Constraint
12Compliance mapping in data layer (pull into current sprint)1-2 sessionsLow effort foundation for both UI badges and report content
13Assessment Report template — CLI script generating markdown from existing API data. 5 sections, NO methodology appendix.2-3 sessionsResearch finding: even a collapsed appendix hurts purchase intent
14Scan Digest — 1-page post-scan summary, also markdown via CLI1 sessionFirst deliverable format

Validation gate: Show the markdown template to Deloitte / next design partner. If they say "this is 80% there," proceed to Step 2. If not, iterate on the template before building infrastructure.

Step 2: Report Service + delivery (next sprint, 6-9 sessions)

#ItemEffortKey Constraint
15Report Service + Store — two API families: full-fidelity (platform) and pre-synthesized (reports)4-6 sessionsReport generator must NOT access raw evidence (legibility inversion principle). Only build after template is partner-validated.
16Email delivery1-2 sessions"Give CISO an email they can forward to the team"
17PDF rendering1 sessionGenerated from validated markdown template

Research finding on reports (critical): Opinionated single-verdict reports score ~2 points higher on purchase intent than analytically rich formats. The assessment report should be a recommendation, not an analysis. Methodology belongs in the evidence export for auditors, not in the executive report.

[SERGEY DECISION POINT]: Report format priority. Options: (A) PDF first — CISOs copy into PowerPoint. (B) Email first — highest reach, lowest friction. (C) Markdown first — fastest to build, partners can reformat. Your earlier note said "markdown is fine at this point."

[SERGEY DECISION POINT]: Report cover page. Your direction: "[Client Name] — Exposure Assessment by SecurityV0." No partner logo, no "Autonomous Execution" subtitle. Confirm this is still the right framing.

Deferred Items (Correctly Held)

ItemWhy Deferred
MCP server / NL queryCool demo, but spreads focus. Not what CISOs are asking for today. Revisit when we have paying customers who would use it.
ServiceNow ticket creationAccepted as quick win — but WHO to send it to needs ownership inheritance logic. After remediation foundation.
Posture trend chartYour decision: research how Wiz shows this first. Don't invent a new pattern.
What-if simulationNeeds remediation foundation first. Right idea, wrong time.
Visual redesign (warm palette)For the report template, not the platform. Address during Phase 3.
Cross-source divergence scoringNeeds 4+ connectors. We have 2.

6. What NOT to Do — Focus Protection

This section exists because losing focus is the worst thing that can happen right now.

Don't chase agentic AI security as a product category today

Your field signal: 2 weeks of CISO conversations, no willingness to pay for this framing. All four RSAC competitors lean into "agentic AI" messaging but appear to have limited revenue traction despite significant funding. The category is real but budget allocation hasn't followed yet.

What to do instead: Position on the current wedge — real execution authority across ServiceNow and Microsoft, with drift and remediation guidance. The agentic AI story is the north star in the pitch deck — the wedge is how we get into accounts today.

Don't add ML, probabilistic scoring, or behavior-based detection/response

Geordie and Token use ML. SecurityV0 is not betting on behavior-based detection/response right now. The current wedge is deterministic governance, drift, and remediation guidance. Our deterministic-only stance is a differentiator for regulated/audit-heavy buyers — every finding is provable and walkable. Don't give that up.

Don't add write-back or automated remediation yet

Token auto-remediates. Geordie intervenes. We're read-only by design. Your assessment: "The system must be absolutely confident that what it is remediating is not going to break the system. Where we are 10-20% there at most."

The path: Named remediation (Phase 0.1) → Blast radius per fix → Confidence threshold → Auto-decommission. Each step builds on the last. Skip one and the system breaks production.

Don't build MCP server, AI chat, or NL query interface now

Token's MCP server is clever. But: "Who are we selling to?" If the buyer is a CISO who wants a PowerPoint printout, they don't want a chat interface. The MCP story matters when (a) we have paying customers and (b) those customers have analyst teams who would use it daily.

Don't invest in marketing site polish, animated logos, or brand redesign

Token has GSAP scroll animations. Fig has a cream palette. None of this is what makes CISOs buy. Fix the product. The marketing site matters after the first 3-5 paying customers.

Don't chase integration breadth right now

Token has 50+ integrations. We have 3. The gap is real for enterprise sales. But connector breadth does not outrank report/product legibility work unless a committed late-stage customer requires it. Adding connectors before the core platform is sellable means more systems showing the same broken experience. Get the presentation and reports right on Entra + ServiceNow first, then accelerate connectors.

7. Open Decisions for Sergey

These need your input before we proceed:

#DecisionContextOptionsRecommended
1Delta badges on Overview (+838%)Seed data artifact. UX says remove. CISO reviewer says keep with context.A) Remove entirely B) Keep with baseline context C) Replace with absolute countRESOLVED (Mar 21). Remove — too technical, doesn't aid readability.
2"Authority path" terminologyYou asked: "Is it something SIs and CISOs will immediately understand?"Test with next 2-3 partner conversations.RESOLVED (Mar 20). Default external term = Access Path. Formal variant when precision is needed = Execution Access Path.
3Evidence pack definitionNeeds a jargon-free one-liner for UI and docs.Proposed wording saved for Phase 4.DEFERRED (Mar 21). Focus on readability first. Revisit when report templates are built.
4Remediation blast radiusShow "what might break" alongside the fix?A) Just the action B) Action + affected workloadsRESOLVED (Mar 20). Surface one strong business-impact detail per remediation action. Keep it limited — not full dependency tree.
5Report format priorityPDF, email, or markdown first?A) PDF B) Email C) MarkdownC then B. Markdown is fastest to iterate. Email has highest reach. PDF can come from markdown.
6NHI discovery claim"Can we claim 100% NHI discovery on Entra + ServiceNow?"Be honest: we find what we connect to. Claim coverage per connected system, not total NHI estate.Per-system coverage claims only. Don't overclaim.
7Connector acceleration timing3 connectors vs. Token's 50+. When do we invest?A) After platform is sellable B) In parallel now C) After first paying customerRESOLVED (Mar 20). Connector breadth does not outrank report/product legibility work unless a committed late-stage customer requires it.

8. Timeline and Projected Impact

If we execute Phases 0-3:

MilestoneEffortCumulative (serial)What Changes
Demo blockers fixed (Phase 0)1-2 sessions1-2Can show the platform without hitting error pages
Remediation foundation (Phase 0.1)2-3 sessions3-5Partners can read remediation without asking "which one?"
Sellable presentation (Phase 1)5-7 sessions8-12CISO score from 68% → ~82-85%. Enterprise sellability from 2.1/5 → ~3.0/5.
Data quality clean (Phase 2)3-5 sessions(parallel with Phase 1)SecOps analyst meets threshold. Evidence packs are complete.
Report template validated (Phase 3, Step 1)3-5 sessions11-17Markdown templates shown to partner. Validation gate before building service.
Report service + delivery (Phase 3, Step 2)6-9 sessions17-26Enterprise sellability → ~3.5-4.0/5. Partner rewrite drops from 60-65% to 15-20%.

Total to partner-demo-ready: ~8-12 sessions (Phases 0 + 0.1 + 1, serial)

Total to partner-sellable: +9-14 sessions beyond demo-ready (Phase 3, next sprint). Phase 2 data quality (3-5 sessions) runs in parallel with Phase 1, so it does not add to the serial timeline.

Projected MPAS-7 scores after all phases:

RoleCurrentAfter Phase 0+1After All PhasesTarget
CISO Executive68%~82-85%~85-88%≥85%
SecOps Analyst74%~80-82%~82-85%≥80%
Enterprise Executive2.1/5~3.0/5~3.5-4.0/5≥3.5/5
CEO Items19/28~23-24/28~25-26/28≥24/28

9. The One-Paragraph Version

SecurityV0's data engine — cross-system execution chain tracing, temporal drift detection, integrity-hashed evidence packs — is our apparent moat. Based on public materials, no competitor demonstrates equivalent cross-system chain stitching at this granularity (though their products may have capabilities not visible from the outside). But the engine is wrapped in a presentation layer that looks like a developer tool and produces output that partners need to rewrite 60-70%. The fix is sequential: broken pages → named remediation → compliance badges + business metrics → report generator for PDF/email. Doing it in this order is structurally required (research-proven multiplicative effects). The current wedge is real execution authority across ServiceNow and Microsoft, with drift and remediation guidance — not "agentic AI security" as a category. The north star is agentic AI and automation security and governance; the wedge is how we get into accounts. Don't chase MCP, behavior-based detection/response, ML scoring, or automated remediation until the core is sellable and the first customers are paying.

This report consolidates 7 independent workstreams. Each source is linked in Section 1 via wikilinks to the original document. All acceptance score projections are analytical estimates from the AutoResearchClaw study, not empirical measurements — they will be validated in Round 3 review after implementation.