The IAM Resilience Platform
Okta/Microsoft Entra ID

Okta and Entra ID protect the service. Acsense protects your tenant.

Continuous backup, ≤10-minute drift detection, hot-standby DR, and audit-ready evidence — for the part of identity that is your responsibility.

Get a demo → Talk to sales
The IAM Resilience Platform

Okta and Entra ID protect the service. Acsense protects your tenant.

⚠ TENANT CORRUPTED · RANSOMWARE Without Acsense
acme.okta.com COMPROMISED
1,842 users deleted×
Group memberships wiped×
App assignments lost×
MFA factors reset×
2–6 wks manual rebuild · no native restore
✓ TENANT RESTORED · +9m 47s With Acsense
acme.okta.com RECOVERED
1,842 users restored
Group memberships intact
App assignments restored
MFA factors restored
~10 min RPO · business continues

Continuous backup, granular restore, drift detection, and audit-ready evidence for Okta and Microsoft Entra ID.

Get a demo → Talk to sales
The IAM Resilience Platform
UTC14:42:07

Okta and Entra ID protect the service. Acsense protects your tenant.

A single resilience layer for Okta and Microsoft Entra ID.

Get a demo → Talk to sales
01 · Backup+12s
412
snapshots last 24h
02 · Drift2m 14s
02:44MFA policy weakened
00:18SAML cert rotated
00:03Group “Finance-Admins”
03 · Tenants7 active
acme.okta.com
acme-eu.okta.com
acme.onmicrosoft
+4 more
04 · Disaster Recovery~10 min RPO
Production
Hot standby
Continuous replication · automated failover ready
05 · ComplianceContinuous
SOC 2 ISO 27001 NIST DORA NIS2 HIPAA GDPR APRA
The IAM Resilience Platform

Okta and Entra ID protect the service. Acsense protects your tenant.

Continuous backup, point-in-time recovery, drift detection, and audit-ready evidence — for the part of identity that is your responsibility.

Get a demo → Talk to sales
  • ~10 minRPO
  • 412snapshots / 24h
  • SOC 2ISO · NIST · DORA

01 · Backup & Recovery

Continuous backup. Granular restore.

Near real-time capture of every IAM object — including Workflows — into immutable, air-gapped managed storage. Investigate any object at any point in time. Restore a single user, a single policy, or the entire tenant in minutes.

  1. 01

    Continuous data protection

    Near real-time capture of IAM data — Users, Groups, Apps, Policies, NHIs — across Okta and Entra ID with immutable storage.

  2. 02

    Tenant onboarding

    Rapid onboarding of Okta and Entra ID tenants into Acsense with full baseline capture.

  3. 03

    Workflow backup

    Protect Okta Workflows and Entra ID automations so they can be restored alongside tenant state.

  4. 04

    Time Machine / Change Log

    Navigate tenant state across time with a complete change log — who changed what, when, and from what state.

  5. 05

    Object investigation

    Examine specific objects at any point in time to diagnose and recover from incidents.

  6. 06

    Single object & bulk recovery

    Precisely recover individual users, groups, or policies — or restore large sets in a single operation. Recycle bin for instant undo.

Continuous backup · Okta + Entra IDLast capture 00:03 ago

Point-in-time snapshots · last 24h

24h12hnow

Objects captured in snapshot

Users
12,481
+23 vs prev
Groups
1,204
±0 vs prev
Apps
318
+2 vs prev
Policies
86
+1 vs prev
Workflows
142
+3 vs prev
NHIs
2,047
+8 vs prev
Restore scope — tenant · object · single attribute
Restore →

02 · Configuration Management

Many tenants. One control surface.

Multi-tenant visibility, full tenant replication, and a controlled promotion pipeline between development, preview, and production — with ITSM integration so every change carries an approval trail.

  1. 01

    Configuration change history

    Full audit trail of every configuration change across Okta and Entra ID — who changed what, when, and from what state.

  2. 02

    Multi-tenant management

    Centrally oversee and control all Okta and Entra ID environments — including Realms — from a single interface.

  3. 03

    Full tenant replication

    Create complete IAM tenant clones for testing or migration. A safe environment for validating changes before production.

  4. 04

    Cross-tenant change promotion

    Move configurations seamlessly between development, preview, and production. A controlled promotion pipeline for IAM changes.

  5. 05

    ITSM integration

    Integration with ServiceNow, Jira, and other change-management tools. Full audit trail of approvals and deployments.

Change promotion pipelineITSM: ServiceNow CHG-44721
Tenant
Dev
acme-dev.okta
• Current
Preview
acme-stg.okta
Tenant
Production
acme.okta

Promoting to Production

+Policy “Privileged Access” — 3 new rulesapproved
ΔGroup “Finance-Admins” — MFA enrollment updatedapproved
+App assignment “Netsuite” → “Finance-Admins”approved
Linked: ServiceNow CHG-44721
Promote →

03 · Disaster Recovery

Hot standby. Automated failover.

A fully-replicated hot standby tenant, ~10 minute RPO, and automated failover — backed by Continuous Resilience Validation that proves your runbook works in production-fidelity drills, before an incident forces it.

  1. 01

    Full tenant rollback

    Instantly roll back or fast-forward your Okta or Entra ID tenant to any point in time — recovering production incidents or undoing bulk misconfiguration.

  2. 02

    Hot standby tenant

    Maintain a failover-ready IAM environment for immediate ransomware recovery or disaster response. Always current, always ready.

  3. 03

    Continuous tenant replication

    Synchronize IAM configurations with ~10 minute RPO to minimize data loss during failover scenarios.

  4. 04

    Automated tenant failover

    Switch to the standby IAM tenant instantly during disruptions. Defined, measurable RTO backed by platform architecture.

  5. 05

    Continuous Resilience Validation

    Automated, ongoing testing of recovery readiness — produces auditable proof of RTO and RPO without waiting for an incident.

  6. 06

    Last-Mile Application Recovery

    Seamlessly reconnect applications post-recovery with minimal downtime. (Coming soon.)

Automated failover · DR drill~10 min RPO
• Active
Production tenant
acme.okta.com
○ Standby · always current
Hot standby tenant
acme-dr.okta.com
SyncCutoverVerify
Standby continuously replicated. Run an automated drill any time.

04 · Compliance & Assurance

Detect drift. Prove compliance.

An attacker’s first move on the IAM control plane is a config change — weakened MFA, a rogue OAuth app, a new federation trust. Acsense detects both adversarial and audit-finding drift in ≤10 minutes, mapped to SOC 2, ISO 27001, NIST, HIPAA, GDPR, DORA, NIS2, and APRA.

  1. 01

    Continuous compliance validation

    Live IAM configurations mapped against SOC 2, ISO 27001, NIST 800-53, HIPAA, GDPR, DORA, NIS2, and APRA CPS 230/234 — across Okta and Microsoft Entra ID — in near real-time. Not periodic snapshots. The actual controls your audit firm checks.

  2. 02

    Continuous drift detection

    When Conditional Access weakens, admin privileges expand, or token settings change — alerts fire in ≤10 minutes via Slack, Teams, SIEM, and email. Turns a three-week blind spot into a ten-minute signal.

  3. 03

    Recoverability health

    Confidence scoring on whether backups are complete and restorable — surfaces recoverability risk before an incident, before an auditor asks.

  4. 04

    Compliance scoring & audit reports

    Automated compliance scores, historical configuration logs, and framework-mapped evidence reports — eliminating weeks of manual spreadsheet collection before every audit cycle.

  5. 05

    NHI audit trails — Shadow IAM coverage

    Full audit trails for AI agents, service accounts, and API tokens — whether provisioned by your team or hijacked post-compromise. Closes the #1 entry point for modern identity breaches.

  6. 06

    Automated remediation

    Restore configurations to approved compliant states automatically when drift is detected. (Roadmap.)

Continuous compliance validationDrift SLA: ≤10 min
⚠ DRIFT DETECTED · 2m 14s ago MFA policy “Privileged Users” weakened · alerting Slack · SIEM
SOC 2
CC-6.1
98
ISO 27001
A.5.15
96
NIST 800-53
AC-2
94
HIPAA
§164.312
95
GDPR
Art. 32
92
DORA
Art. 9
91
NIS2
Art. 21
93
APRA CPS 234
§35
89
NHI & Shadow IAM audit — 2,047 NHIs tracked across Okta + Entra
Evidence →

Architecture

How it works. What it covers.

Okta and Microsoft guarantee their service is available. They do not guarantee your tenant is recoverable, your configurations are compliant, or your changes are auditable. Acsense fulfills the customer side of shared responsibility — an isolated control plane that ingests change streams, stores them in an immutable vault, and produces backup, drift, failover, and audit-ready evidence.

Identity providers
OK
Okta
Read-only API · SCIM · Webhooks
MI
Microsoft Entra ID
Graph API · Directory.Read.All
Primary identity keys never leave your IdP.
Acsense control plane
Ingest
Change streams + object graph diffing
Store
Immutable, signed, air-gapped vault
Reason
Drift · anomaly · control mapping
Act
Rollback · failover · evidence export
Resilience outputs
Continuous backup
Restore to any point in time
Live configuration baseline
Drift detected in ≤10 min
Hot standby tenant
Automated failover · ~10m RPO
Compliance validation
SOC 2 · ISO 27001 · NIST · DORA · NIS2 · APRA
Full audit trail
Every change, every NHI

ISO 27001

Certified

SOC 2 Type II

Attested

Encryption

AES-256 · keys rotated quarterly

Tenancy

Isolated per customer

Integrations

Built for the IAM stack you run.

IDP-agnostic by design. One platform, one compliance baseline, one recovery runbook — across the workforce identity providers that matter.

• GA

Okta

Workforce + Customer Identity

• GA

Microsoft Entra ID

formerly Azure AD

Ready to get started

Protect. Recover. Remain operational.

See Continuous Resilience Validation in action across Okta and Entra ID.

Book a walkthrough → Talk to sales