ITDR, Scoped to the Actor Moving Your Money
Classic ITDR watches humans and credentials against Active Directory, Entra, and Okta. SentriAI watches the actor that matters inside the business: the AI agent or service account executing a pay run, updating a vendor, or exporting records - resolved to one identity, trust-scored, and held when the actor isn’t who it should be.
Illustrative product view
Not a SOC - the identity layer of Action Governance
Identity is now the primary attack surface, and non-human identities - agents, service accounts, OAuth apps, CI bots - are the fastest-growing, least-governed part of it. But a full ITDR/SOC watching domain-controller telemetry is a different product for a different buyer. SentriAI takes the piece that belongs to the system of record: the identity of the actor performing a consequential business action, evaluated at the moment it acts.
Identity, resolved and scored per action
- Every actor - human, agent, or service account - is resolved to one canonical identity across systems
- Each action carries an identity_confidence that feeds the Action Trust Score
- A change to the executing agent’s identity mid-session halts the session
- A service account acting off its expected path is stepped up or held
- Weak identity confidence on a money mutation blocks the release, not just logs it
The Decision Ledger is the system of record
Where a SOC records telemetry, SentriAI records decisions. Every agent action - who acted, whether their identity resolved cleanly, the verdict, and the proof - is written to the tenant-scoped Decision Ledger. That ledger, not a log pipeline, is the authoritative record of what the autonomous actors in your business actually did.
Frequently asked questions
What is ITDR for AI agents?
It is identity threat detection scoped to the non-human actors acting inside your business - AI agents and service accounts - checking that the actor performing a consequential action is the one you authorized, and holding the action if it isn’t.
Is this a SOC or a replacement for ITDR tools?
No. A full ITDR/SOC watches domain-controller and network telemetry for a security team. SentriAI takes the identity layer that belongs to the system of record: the actor performing a business action, evaluated inline. It complements a SOC rather than replacing one.
Why isn’t a valid token enough?
Because the real risk is an authorized identity doing an unauthorized thing - an agent that is fully authenticated but acting outside its sealed mission. A valid token looks green to a log; SentriAI checks the actor against the mission and the running state.
Where is the record of what agents did?
The tenant-scoped Decision Ledger. It records the decision, the resolved identity, the verdict, and a tamper-evident proof for every agent action - the authoritative record of autonomous business activity.
Stay in the loop
One practical finance briefing a week - new guides, checklists, and benchmarks.
Put a decision - with proof - in front of every action
See how Fintra decides allow / step-up / hold / block per action and writes each verdict to a tamper-evident ledger.
Talk to us