For IT and security teams governing humans, service accounts, and AI agents

You have more AI agents in your stack
than in your access reviews.

AI agent governance. Thalian sees every AI tool and service account in your stack, including Claude, Cursor, and Copilot, and runs detections built for non-human identities. Live in under 30 minutes, no procurement cycle required.

Get Started Free

Try every Pro feature free for 30 days. No credit card required.

See a Demo

What Thalian actually finds

thalian intelligence · live findings
critical Anthropic service account "research-prod" has no owner of record. Spend up 340% in 7 days.
high      AI agent count grew 47% in 14 days. 12 new agents have no documented owner.
high      4 users authorized Claude and Cursor with mail-read scope via personal Google OAuth
signal Sarah Chen has admin access to Salesforce but hasn't used Okta MFA in 47 days
waste    $640/mo in ChatGPT and Claude seats assigned to users inactive 30+ days
415+detection rules
40+integrations
<2 minto first finding

How It Works

Three steps to full-stack visibility

Connect your tools in minutes. Thalian starts generating cross-platform findings immediately.

Step 01

Connect your tools

OAuth into your identity provider, endpoint manager, and security tools. Setup takes minutes.

Step 02

AI cross-references everything

Thalian joins identity, device, and app data to surface findings no single tool can see. Risks, waste, drift, shadow IT, all in plain language.

Step 03

Act directly from Thalian

Suspend users in Okta, revoke OAuth tokens, contain endpoints in CrowdStrike. Risky actions queue for approval in Slack or Teams.

AI Agent Governance

Govern the agents your IAM stack classifies as service accounts

Okta now syncs AI agents as their own identity type. Most security tools still treat them as service accounts and drown your dashboard in MFA false positives. Thalian classifies AI agents as a first-class identity tier, suppresses the rules that don't apply, and runs NHI-specific detections on top.

First-class identity tier

Okta AI Agents sync as their own identity type, classified separately from humans and service accounts. MFA, SSO, and off-hours rules are suppressed automatically. Agents are excluded from plan-limit identity counts and live in dedicated dashboard tabs.

NHI-specific detections

Possible AI agent unclassified flags service accounts matching AI framework naming patterns (LangChain, CrewAI, Gumloop, n8n) before they're formally classified. AI agent count growing fires when agents exceed 20% of your workforce, the threshold for uncontrolled NHI proliferation with no offboarding process.

Mapped to NIST CSF 2.0 and ISO 42001

NHI findings map to NIST CSF 2.0 PR.AA-01 (AI agent lifecycle governance) and PR.AA-05 (NHI access reviews), and to seven ISO 42001:2023 Annex A controls covering AI resource inventory, system requirements, operational monitoring, event logs, data acquisition, responsible use, and third-party suppliers. Access reviews support "AI agents only" and "NHI only" scopes.

See how AI agent governance works →

AI tool sprawl

And catch every AI tool someone OAuths in from a personal account

Thalian detects ChatGPT, Claude, Cursor, Perplexity, Copilot, Gemini, Midjourney, Notion AI, and 15 other AI tools authorized via OAuth. Flags risky scopes. Tells you who's using what.

4 users granted Claude mail-read and drive-write scope via personal Google OAuth.
Google Workspace OAuth Audit
ChatGPT Enterprise has 3 admin seats assigned to users who are inactive in Okta.
OpenAI + Okta
2 employees connected Cursor to personal Google accounts not approved by IT.
Google Workspace
$640/mo in AI subscriptions assigned to users who haven't logged in for 30+ days.
License Waste · AI Layer
ChatGPT Claude Cursor Perplexity Copilot Gemini Midjourney Notion AI + 15 more

Right-sized governance

Built for the mid-market IT director, not the Fortune 500 procurement cycle.

The platforms that govern AI agents end-to-end ship as six-figure enterprise contracts with months-long deploy cycles. Thalian sits in between: real AI agent governance, self-serve onboarding, and a price you can find on the pricing page.

Listed pricing, no enterprise gate

Pro is $179 per month, with annual at 20% off. Free covers 25 identities and 3 integrations. The pricing page is right below this one. There's no "contact sales" wall in front of basic features.

First findings during the first sync

OAuth into Okta. AI agent findings start surfacing during the first sync, in under two minutes for most workspaces. No deploy cycle, no Solutions Architect engagement, no ninety-day implementation timeline.

Works with what you already have

Thalian connects to Okta, Entra ID, Intune, Jamf, CrowdStrike, and thirty-five other tools you probably already run. Adding Thalian doesn't mean rebuying your identity stack, and it doesn't lock you into a single-vendor bundle.

Who it's for

Built for the people running IT for real

Whether you're running IT alone, leading a team, managing multiple clients, or owning offboarding from the HR side. Thalian speaks your language.

IT Directors

Too many tools, no single pane of glass. Thalian joins identity, device, and app data into findings no single tool can see.

Solo IT Admins

You're the whole IT team. Thalian ranks findings in plain language by risk and dollar impact, so you can read one screen, not six dashboards.

MSPs & IT consultants

Every client's stack is different. Thalian gives you consistent visibility and remediation across every workspace you run.

People Ops & HR

Offboarding is an HRIS ticket today. Not proof. Thalian joins Rippling, BambooHR, and Workday with identity data to prove ex-employees actually lost access.

Beyond AI agents

AI agents are the lead, not the limit.

The same cross-platform engine that governs AI agents also catches admin MFA gaps, device drift, OAuth shadow IT, and stale entitlements. Every finding is a sentence: subject, condition, consequence.

thalian · example workspace
142
Identities
8 admins · 3 inactive
38
Applications
12 shadow IT
6
Open Risks
2 critical
89
Devices
82% compliant
24
Workspace Risk
/ 100 · Moderate

Top Findings

2 admins have full Salesforce access without MFA enabled in Okta. One hasn't logged in for 34 days.
2h ago
Okta + Salesforce
8 non-compliant Intune devices belong to users with admin roles. 3 also have encryption disabled.
6h ago
Intune + Okta
Notion, Loom, and Calendly were authorized via OAuth with sensitive scopes. None are SSO-managed or IT-approved.
1d ago
Google Workspace OAuth Audit
12 Okta AI Agents have no documented human owner. Anthropic spend on agent service accounts is up 47% in the last 14 days.
2d ago
Okta AI Agents + Anthropic

See it live

The platform, before you book a call

Real data from a seeded workspace. Click through the features your team would use every day.

thalian · security posture & drift

Integrations

Works with the tools you already use

Connect your identity, endpoint, security, ITSM, and communication tools. OAuth setup. Most connect in under 2 minutes.

Okta Microsoft Entra ID Google Workspace JumpCloud OneLogin Microsoft Intune Jamf Pro Iru Hexnode CrowdStrike Falcon SentinelOne AWS IAM Google Cloud IAM Azure RBAC Rippling BambooHR GitHub GitLab Slack Microsoft Teams Salesforce Zoom Box Workday Jira / JSM ServiceNow Confluence Cisco Meraki Auvik Zendesk Freshservice Datadog PingOne

+ more added regularly

Pricing

AI agent governance, priced for the mid-market

Govern AI agents and non-human identities alongside the rest of your stack. Start free, upgrade to Pro at $179/mo when you're ready. Every plan includes a 30-day Pro trial, no credit card.

Free
$0
Your plan after the trial ends
For teams under 25 identities. Baseline visibility to see what Thalian detects.
  • Up to 25 identities
  • Up to 3 integrations
  • 7-day data retention
  • 25 AI queries/day
  • Includes:
  • AI assistant
  • 415+ cross-platform detection rules
  • Manual remediation actions
Pro
$179 /mo
or $1,690/yr, save 20% · no credit card required
Best for teams up to ~500 identities who need automated remediation and compliance mapping.
  • Up to 500 identities
  • Unlimited integrations
  • 1-year data retention
  • 100 AI queries/day
  • Everything in Free, plus:
  • Causality Insights & root cause analysis
  • Automated remediation execution
  • Approval workflows (Slack & Teams)
  • SOC 2, ISO 27001, NIST CSF 2.0 & ISO 42001 mapping
  • Access review campaigns
  • Executive PDF & board-ready reports
  • Auto-alert dispatch to ITSM
  • Email support
Start 30-Day Pro Trial
Enterprise
Custom
Tailored for your organization
For 500+ identities, or any team that requires SSO/SAML, SCIM, custom SLA, or a dedicated environment.
  • Unlimited identities
  • Unlimited integrations
  • Unlimited data retention
  • Unlimited AI queries
  • Everything in Pro, plus:
  • SSO / SAML enforcement
  • SCIM provisioning
  • IP allowlisting
  • Role-based access controls
  • Claude Opus AI model
  • Unlimited audit log retention
  • Audit log export for SIEM
  • Custom SLA
  • Dedicated account manager
  • Onboarding & training

Questions? See our FAQ below.

FAQ

Common questions

How does Thalian detect IT security risks?
Thalian syncs data from your connected tools and runs 415+ cross-platform analysis rules to find risks like stale admin accounts, offboarding gaps, shadow IT, and MFA coverage gaps that only appear when data from multiple systems is analyzed together.
How long does it take to get started?
Connect Okta or Google Workspace in under 3 minutes. Thalian starts generating findings immediately. Most teams review their full initial risk report in the same session. No professional services, no deployment project, no waiting.
Is my data secure?
Yes. Thalian reads metadata and access signals from your tools. It never stores passwords, file contents, or message data. Data is encrypted in transit and at rest, and you can disconnect any integration at any time.
Does Thalian help with compliance?
Yes. Thalian's findings map directly to controls in SOC 2, ISO 27001, and common security frameworks. If you're preparing for an audit or just need to show your security posture to a customer, your findings dashboard is a live view of where you stand.

Start finding what your tools are missing

Connect your first integration in under 2 minutes. Thalian starts generating findings immediately.

Get Started Free See a Demo

Try every Pro feature free for 30 days. Keep Pro, go Enterprise, or stay on our free plan, no pressure.

Request demo access

Request received!
We'll be in touch shortly with your demo access.