About

Security people, building the tool we always wanted.

Bastion AI exists to close the gap between finding Microsoft 365 / Entra security problems and fixing them — a read-only assessment, AI that prioritizes real risk, and the exact fix your team approves and applies.

Why we built it

Security teams drown in findings and starve for fixes. Scanners surface thousands of issues; almost none get remediated, because remediation is slow, risky, and manual. Bastion changes that ratio for Microsoft 365 / Entra: a read-only assessment that correlates Entra, Intune, and Defender, prioritizes what an attacker would actually use, and hands your team the exact, runnable fix for each finding — which you approve and apply.

What we believe

Human-approved by default

Automation does the work; people make the calls. Nothing changes in your environment without explicit approval.

Bring your own key

You own your model accounts, data, and spend. We never resell access or lock you in.

Outcomes over noise

We prioritize real, exploitable risk and measure ourselves on attack surface reduced — not alerts generated.

Honest by default

We say what we do, what we don't, and where we're headed. No vanity metrics, no claims we can't back.

Who we are

We are a team building Bastion with backgrounds across offensive security, network and cloud operations, and applied machine learning. We have lived the pain of standing up detection and remediation in real environments — and we are building the tool we wished we had.

Samuel Goedeck

Samuel Goedeck

Principal Security Engineer

Samuel leads the engineering behind Bastion's Microsoft 365 security assessment platform. He designed the read-only assessment engine that securely analyzes Microsoft Entra ID, Intune, Microsoft Defender, and Exchange Online configuration across the identity and endpoint control plane — without requiring invasive access or production changes.

His work focuses on transforming Microsoft's complex security ecosystem into clear, actionable recommendations. Samuel also architects the remediation engine that maps security findings to precise administrative actions, allowing organizations to strengthen their security posture quickly and confidently.

His expertise spans identity security, Microsoft Graph, Zero Trust architecture, cloud security engineering, and large-scale automation.

Justin Williams

Justin Williams

Director of Detection & Response

Justin leads Bastion's Detection & Response capabilities, bridging the gap between security assessments and operational security. His team transforms raw findings into prioritized investigations, ensuring administrators understand which issues require immediate attention and which can be addressed strategically.

He specializes in correlating identity events, endpoint telemetry, cloud activity, and security alerts to identify real-world attack paths instead of isolated warnings. His work ensures Bastion delivers meaningful risk analysis rather than overwhelming customers with thousands of disconnected findings.

Justin's background includes security operations, incident response, threat detection engineering, SIEM architecture, and enterprise security monitoring.

Samantha Foley

Samantha Foley

Director of Cloud & Identity Engineering

Samantha oversees Bastion's cloud integration platform, building and maintaining the Microsoft Entra ID, Microsoft Intune, Microsoft Defender, Exchange Online, and Microsoft Graph connectors that power the platform.

She leads development of Bastion's identity correlation engine, ensuring security data collected from multiple Microsoft services is normalized into a unified security model. Her work allows organizations to understand how users, devices, applications, permissions, and security controls interact across their Microsoft 365 environment.

Her expertise includes cloud identity, enterprise mobility, endpoint management, Microsoft security architecture, API development, and Zero Trust implementation.

Donna Sanford

Donna Sanford

Director of Applied Machine Learning

Donna leads Bastion's Applied Machine Learning initiatives, developing the intelligence layer that helps organizations focus on the security issues that matter most. Rather than simply reporting configuration problems, her systems evaluate risk, identify likely attack paths, prioritize remediation, and generate administrator-ready guidance.

Her work combines machine learning with cybersecurity expertise to reduce alert fatigue and accelerate decision making. By analyzing relationships across identity, device, configuration, and threat data, her models help security teams spend less time interpreting findings and more time resolving them.

Donna specializes in applied artificial intelligence, machine learning systems, cybersecurity analytics, natural language generation, and intelligent automation for enterprise security.

Design partners welcome

We work closely with a small group of design partners to shape the product around real-world security operations. If you want early access and a direct line to the roadmap, get in touch.

Where to find us

Bastion AI · 2150 N First St, San Jose, CA 95131 · info@bastionsecurity.dev · (408) 785-0763