Gathid’s Identity Knowledge Graph
This section explains how Gathid models identity using a graph — and why those design decisions matter.
What Gathid’s graph models
Gathid models identity-relevant entities as nodes, including:
-
People (employees, contractors)
-
Non-human identities (service accounts, applications)
-
Accounts
-
Systems
-
Groups
-
Roles
These nodes are connected by explicit relationships such as:
-
Membership
-
Ownership
-
Entitlement
-
Linkage
The graph exists to reflect identity reality, not policy intent.
Relationship-first by design
Unlike relational systems, Gathid:
-
Persists relationships directly
-
Traverses them natively
-
Reasons across multiple hops
This enables detection of:
-
Indirect privilege
-
Nested access paths
-
Orphaned ownership
-
Transitive risk
These signals cannot be reliably derived from tables alone.
Native data, not abstracted assumptions
Gathid ingests native identity data from source systems.
It does not rely on:
-
Normalised abstractions
-
Simplified role models
-
Assumed hierarchies
If a system represents access in a messy or complex way, the graph reflects that reality — rather than hiding it.
Why rebuilds matter
Gathid rebuilds the identity graph from authoritative data on a regular cadence.
A rebuild:
-
Clears the existing graph
-
Reconstructs it from source truth
-
Eliminates historical artefacts
This avoids:
-
Drift
-
Partial truth
-
False confidence
The result is a current-state digital twin of identity.
Why traversal changes the questions you can ask
Instead of asking:
“Which accounts match these filters?”
Gathid asks:
“What access paths exist — and what do they imply?”
That shift is fundamental.
➡️ Next: What this enables in real partner engagements.