Do you work with our existing provider/team?
Yes — we integrate and complement and enhance their capabilities.; we don't replace.
What is vendor‑agnostic MFA?
A plugin enabling TOTP, WebAuthn, SMS/Email, push without locking into a single vendor.
What is context‑aware auth?
Risk‑based decisions using IP/Geo, device, time and reputation to step‑up, block or allow.
Do you offer 24/7 support?
Yes, with SLAs, monitoring, patching and incident response.
Can you run in our cloud?
Yes: AWS/Azure/GCP or on‑prem; we can also host it for you.
How do you handle upgrades?
Version planning, staging, regression tests, controlled windows and rollback.
Compliance readiness?
Traceability, logging, SoD and documentation aligned with ISO and internal policies.
What does DRP include?
RTO/RPO definition, continuity architecture and regular drills with reports.
Migrations from RH‑SSO or others?
Yes. Inventories, testing and assisted cut‑over.
Observability stack?
Metrics, traces and centralized logs; SLO‑based dashboards and alerts.
Hardening included?
Yes: TLS/HSTS, policies, brute‑force protection, key rotation, least privilege and secret vaults.
Start with an audit?
Yes. Initial assessment surfacing gaps and quick wins.
Typical timelines?
PoC 1–2 weeks; pilot 3–6; production 6–10 depending on scope/integrations.
Pricing & plugin licenses?
Annual licenses with support/roadmap. Custom development available.
Team training?
Yes. Hands‑on training, runbooks and checklists.
External IdPs support?
Yes: SAML/OIDC brokers and corporate directories.
Login performance tuning?
Yes. Cache, DB, flow and static optimization.
Secret management?
Vault/KMS with rotation and access control; no secrets in code.
Region failure?
Failover per RTO/RPO with documented drills and post‑mortems.
WebAuthn/Passkeys?
Yes. Supported via plugins and recommended configurations.
SIEM/SOAR integration?
Yes, we export events and alerts to your current stack.
Fully managed service?
Yes: hosting, 24/7 ops, upgrades, backups, DRP and L3 support.
