Kenzo Identity Risk Engine is an identity-focused security platform that analyzes user and cloud entity behavior to identify high-risk users within an environment. The platform performs user identity resolution by consolidating multiple identity dimensions including cloud accounts, workstations, SSO, email, and SaaS user IDs into a single entity definition. The engine correlates disparate security inputs such as alerts, events, anomalies, and threat intelligence to identify and prioritize risky entities over extended time periods. This correlation approach shifts the security methodology from alert-centric to risk-centric operations, reducing alert fatigue. The platform models user and cloud entity behavior over time by leveraging insights and alerts across the security environment to detect anomalous patterns. It uses agentic AI to establish normal behavior baselines across multiple data sources and cohorts, enabling detection of adversaries utilizing "low and slow" attack tactics. The system provides comprehensive insights into user and entity behavior by analyzing patterns across multiple dimensions and time periods. It is designed to integrate with existing security infrastructure and transform legacy SIEM and security stacks into AI-native security operations platforms.