Discovery & Governance

IDRIS

Agent Identity & Governance Discovery Engine

"You can't secure what you can't see."

6 Modules
10 Discovery Sources
5 Compliance Frameworks
553 Tests

The Invisible Threat

82:1 - Non-human identities outnumber human users
84% - Doubt they could pass an agent behaviour audit
60% - Lack any AI governance or security policy
$670K - Additional breach cost from shadow AI incidents

6 Core Modules

Module 1

Agent Discovery Engine

Continuously scans cloud, SaaS, and on-premises environments to discover every deployed agent — sanctioned or shadow. 10 discovery sources, LLM endpoint fingerprinting, API call pattern analysis.

Module 2

Permission Mapper

Traces what each agent can access: databases, APIs, code repos, production systems. Identifies over-privilege, orphaned credentials, and privilege escalation paths across 8 escalation rules.

Module 3

Ownership Tracer

Determines who created each agent, who owns it now, and whether they're still with the organisation. Maps ownership gaps — agents running with no accountable human are flagged critical.

Module 4

Identity Graph

Visualises the full relationship map: agent-to-agent trust, delegation chains, permission maps, hidden transitive trust chains. Blast radius analysis — if this agent is compromised, what else is at risk?

Module 5

Compliance Audit Generator

Produces compliance-ready reports mapped to EU AI Act, NIST AI RMF, CSA AI Safety Initiative, OWASP Agentic Top 10, and UK AISI. Full gap analysis with remediation recommendations.

Module 6

NEMESIS Integration Feed

The unique capability no competitor can replicate. Feeds discovered agents directly into NEMESIS for adversarial validation. IDRIS finds it, NEMESIS proves it's exploitable. The loop closes.

10 Discovery Sources

AWS: Lambda, ECS, Bedrock, SageMaker, Step Functions
Azure: Functions, AKS, Azure OpenAI, Logic Apps, Bot Service
GCP: Cloud Functions, Cloud Run, Vertex AI, GKE
SaaS: Slack bots, Teams apps, Salesforce, ServiceNow, Zapier
API Gateway: Proxy logs, routing rules, LLM API traffic analysis
MCP: MCP server endpoints, configs, registries
CI/CD: GitHub Actions, GitLab CI, Jenkins pipelines
Container: Docker, docker-compose, Kubernetes pods
Network: Port scanning, LLM endpoint fingerprinting
Git: Agent configs, code imports, .env files, system prompts

The Full Lifecycle

IDRIS: Discovers
NEMESIS: Validates
AI SHIELD: Defends

Discovery → Validation → Defence.
Nothing assumed known. Nothing assumed safe. Nothing assumed defended.

5 Compliance Frameworks

EU AI Act: 7 requirements assessed
NIST AI RMF: 8 requirements assessed
CSA AI Safety: 8 requirements assessed
OWASP Agentic Top 10: 10 requirements assessed
UK AISI: 3 principles assessed

553 Tests

Test Coverage

Agent Discovery: 120 tests
Permission Mapper: 100 tests
Ownership Tracer: 80 tests
Identity Graph: 80 tests
Compliance Audit: 80 tests
NEMESIS Feed: 60 tests
CLI + Crypto: 90 tests
UNLEASHED: 43 tests

UNLEASHED — The Complete Adversarial Governance Loop

Standard mode discovers, maps, audits, and reports. Passive. Safe to run in any environment.

UNLEASHED mode turns discovery into destruction. Every agent IDRIS finds is fed through the full Red Specter offensive stack for live adversarial validation.

Phase 1: IDRIS discovers
Phase 2: NEMESIS attacks
Phase 3: PHANTOM KILL owns host
Phase 4: HYDRA poisons supply chain
Phase 5: ABYSS proves irrecoverable
Phase 6: IDRIS generates audit trail

Ed25519 gated. Founder's machine only. RESTRICTED classification. Air-gapped output. Never transmitted.
