- What is Sentyn?
- Sentyn is an ownership-first machine identity security console. It discovers IAM roles, service accounts, tokens, and automation identities read-only, assigns owners with evidence, maps blast radius, and exports audit-ready proof without storing raw secrets.
- What problem does Sentyn solve?
- Organizations inherit thousands of machine identities with unclear owners, excessive privilege, and no evidence trail for auditors. Sentyn names identities, surfaces unknown owners as findings, and packages proof in the same workflow security teams use to triage risk.
- How is Sentyn different from a secrets manager?
- Secrets managers store and rotate credentials. Sentyn inventories and governs machine identities across cloud and CI/CD, stores only redacted evidence, and never replaces HashiCorp Vault, AWS Secrets Manager, or CyberArk vault functions.
- Which connectors are production-ready?
- AWS IAM and GitHub ship with production maturity labels in Sentyn. Vercel, Supabase, and Cloudflare are available as read-only platform connectors. Azure Entra, Kubernetes, GCP IAM, and others carry explicit beta or planned labels tied to backend proof tests.
- Does Sentyn write to cloud providers?
- No. Discovery connectors are read-only. Remediation remains preview-only in P0 with explicit human approval before any future write automation.
- What evidence does Sentyn export for audits?
- Inventory snapshots, ownership status, finding evidence panels, relationship graph metadata, and append-only audit events. Exports are tenant-scoped and redacted.
- What is machine identity security?
- Machine identity security governs non-human credentials and automation principals: IAM roles, service accounts, API keys, OAuth apps, CI tokens, and workload identities. It covers inventory, ownership, least privilege, blast radius, and lifecycle accountability.
- Who is Sentyn for?
- Cloud security, identity engineering, platform security, and GRC teams at organizations with AWS and GitHub footprints who need owner coverage metrics and audit evidence, not another alert feed.