about unshadow

we map your access, then we help you fix it

unshadow is a specialist practice in identity, SaaS, and AI security. We work with European mid-market companies that grew faster than the systems governing their access.

We map what's there, prioritize what matters, and help you secure it

Our key security partners:

Most security problems at growing companies get called technical.

The real issue is visibility

Companies grow. Tools get added, people change roles, contractors finish and move on. The systems meant to govern who can reach what never quite keep up.

What's left is a gap between what the directory says and what's actually true: stale accounts, admin rights that outlived their purpose, SaaS apps connected without review, AI tools handling company data nobody signed off on. None of it triggers an alert. It just accumulates.

Every security effort depends on closing that gap first. You can't revoke access you don't know exists, or govern tools that aren't on any list. Visibility comes first, and everything else depends on it.

what we do

one practice, three domains

identity

Who can reach what, and whether they still should. Former employees still in the directory, users without MFA, admin accounts running unprotected, service accounts nobody owns.. and many, many more.

saas

Every app touching your data, including the ones IT never approved. OAuth grants with broad scopes, trial integrations still live months later, licenses for tools nobody opens..

ai

Your team already uses AI with their personal accounts, browser extensions, connectors pulling internal content.

what we don't do

where we can help, and where we'll point you somewhere else

We go deep on the access layer: identity, saas, artificial intelligence, as well as the data and credentials that move between them.

It's where most security conversations now start, because the way in is almost always an account or a credential. Around that core, we also help map the wider picture, what your security actually needs and in what order. Then we can help you choose it, license it, and put it in.

There's plenty we don't do, though. We don't run a 24/7 SOC, we don't run penetration tests, and we don't manage infrastructure. When that's what you need, we'll say so and point you to people who do it well.

our core team

Julian Machowski
Head of Technical Sales
An experienced solutions architect who leads the technical side, scoping and engineering the implementation from the first conversation through to the tools running in your environment.
Let's connect on LinkedIn
Dawid Winiarski
Head of Commercial
Comes at security from the business and strategy side, having previously run VC-funded startups, and focuses on what tech teams and leadership actually grapple with: real control over who can reach what, and keeping pace with both risks and regulations.
Let's connect on LinkedIn

let's start with a conversation

Most first conversations start with not quite knowing what you have or where to begin. That's normal, and it's exactly where we're useful.

Tell us what prompted this. An upcoming audit, an incident, a client's security questionnaire, or just a sense that things have gotten messy.

We'll take it from there

Julian Machowski
Head of Technical Sales
+48 783 762 997
julian@unshadowit.com
Let's connect on LinkedIn
Message received. We'll be in touch soon.
Something failed. Try again or call us directly.
areas
Identity & Access ManagementSaaS Security & GovernanceAI Security & Governance
services
the Access Scan
resources
O nasKontaktPortfolio
company
Privacy PolicyCookie settings
© 2026 unshadow. all rights reserved.