Company

Identrail exists because identity is the new perimeter,
and most teams are securing it blind.

A founder note, the principles we build under, and an honest read on where we are today.
01 The graph is the surface.
02 Read-only until proven otherwise.
03 Open beats opaque.

A note from the founder

I have spent my career inside cloud IAM systems — at the level where you debug an `sts:AssumeRole` chain by hand and still wonder if you missed a hop. The honest truth is that almost nobody knows what their non-human identities can reach. They have signals, they have detections, they have queues full of findings. What they do not have is a clear, evidence-grounded answer to the only question that matters: what can this identity touch, and what would actually break if I took that reach away?

That gap is where the breaches happen. That gap is what Identrail closes. Open core, because security tools you cannot read are security tools you cannot trust. Read-only by default, because the right way to start is by looking. Path-grounded severity, because nobody has the attention budget for theoretical risk anymore.

We are early. We are building in public. If any of this resonates, talk to us — by email, on Discord, or on the repo. The product gets better when the people who care about it tell us where it is wrong.

Oluwatobi Mustapha
Founder & CEO · Identrail

The team

Founder-led, building in the open.

Identrail is currently a small founding team — disciplined, opinionated, and shipping. We will name the next hires here as they join.

Founder

Oluwatobi Mustapha

Founder & CEO

I build and secure IAM systems across cloud and distributed environments, with a focus on least-privilege architecture for both human and machine identities.

I am a member of the AWS Community Builders program and of The Identity Underground, the Silverfort–backed community for identity-security practitioners.

We're hiring

Looking for early teammates.

Founding engineers (graph, detection, simulator), founding designer, and a security lead. Remote-friendly. Equity-meaningful. Send a note to hello@identrail.com.

What we build under

Four principles.

These are the rules we use to decide what ships and what does not. They predate the product and they will outlive every release.

The graph is the surface.

You should never have to leave the trust graph to do anything important. Find a finding, click into the path, simulate the fix, route it to an owner — same surface, no exports.

Read-only until proven otherwise.

Every connector is read-only by default. Enforcement is a separate, opt-in surface. We will never ship a feature that requires write access without naming exactly what it writes and why.

Open beats opaque.

The detection logic, the simulator, the connectors — all of it is in the public repo. If a buyer cannot read the source of a security tool, they cannot trust it. We chose Apache 2.0 on purpose.

Severity must be earned.

A finding is "high" only when the path resolves to data, money, or control. We refuse to ship a tool that floods you with theoretical risk. The point is to surface what matters and stay quiet otherwise.

Where we are

Honest status today.

  • Funding: backed by private investors; names withheld until a public announcement.
  • Customers: in design-partner stage with a small group of platform-security teams.
  • Compliance: SOC 2 Type I in progress; no pen-test history yet, and it will be public when it lands.
  • Code review: every PR must have signed commits and pass tests, security checks, and human review before merge.

Company

Logistics.

  • Legal name: Identrail, Inc.
  • Registered: Delaware, USA
  • Founded: 2025
  • Contact: hello@identrail.com
  • Security: security@identrail.com

Talk to the founder.

If you are a security or platform engineer dealing with machine-identity sprawl, we want to hear from you — even if you are not buying.