Meet us · 5-7 rue Bellini 92800, FR
pragmable://about — bespoke editor of cloud security software · est. 2023

Pragmatic cybersecurity
software house.
We publish our own products.
We build the ones you can't buy.

Pragmable is a Paris-based cybersecurity editor. We publish our own products — flagship: Whocan — and we build bespoke security software for regulated operators whose problems no off-the-shelf tool can touch. Two modes, one discipline.

● PRODUCTS · WE PUBLISH

Software we ship to everyone.

Authorization tooling for the cloud, sold under the Pragmable brand. Whocan is in private beta with early operators; a second product in early design partnership. Free tier, paid tier, on-prem option on the roadmap.

→ explore our products prag-01 private beta · prag-02 in design
● BESPOKE · WE BUILD FOR YOU

Software we build with you.

You bring the hard problem — a regulator deadline, a custom IAM graph, an internal framework no vendor will touch. We bring engineers who've shipped secure cloud systems for banks, telcos, and critical infrastructure. We co-design, we build, we hand it back.

→ engagement models co-design · custom build · operate
§00 — FROM THE FOUNDERS
TO: CISOs, security architects, regulators
FROM: the founders, Paris
RE: what kind of company Pragmable is

Most security vendors decide what you need before they meet you. We are the opposite.

We started Pragmable because the institutions that most need serious cloud security tooling — private banks, telcos, healthcare networks, defense suppliers — are the ones least served by a generic SaaS dashboard. Their environments are too specific, their regulators too demanding, their data residency too sensitive.

So we built two engines under one roof. Products, where we take a problem we see across the industry and ship a single, opinionated tool — that's Whocan. And bespoke builds, where a customer brings us a problem nobody else will touch, and we bring the heavy tech: source-level ingestion pipelines, custom policy engines, on-prem evaluators, sovereign-cloud distributions, formal-verification components.

Both paths share the same discipline. We listen first. We build at the source. We sign the code. We never ship performative security.

S. Bucquet
Co-founder, CEO
signed · Paris, IXᵉ
§01 — HEAVY TECH

What we build with.

§ I · AUTHORIZATION ENGINES

Custom policy evaluators at the source.

Six-layer chain evaluators, ABAC graph systems, policy-as-code compilers, condition-key coverage — built bespoke when off-the-shelf can't cover your model.

WASM · Datalog · SMT · OPA
§ II · DETECTION & GRAPH

IAM graph & behavioral detection pipelines.

Continuous re-evaluation pipelines, blast-radius simulators, deviation detectors — built on streaming infra that scales to millions of principals.

WASM · Kafka · ClickHouse · Neo4j
§ III · SOVEREIGN INFRA

On-prem & SecNumCloud distributions.

Air-gapped builds, SecNumCloud-ready packaging, HDS-compatible deployments. Ship security tooling to environments that cannot phone home.

OVHcloud · Outscale · S3NS · OpenShift
§ IV · FORMAL METHODS

Provable policy correctness.

SMT-backed policy verification, model-checked authorization rules, machine-checked invariants. For environments where "we tested it" isn't a defense.

Z3 · TLA+ · Coq · Dafny
§ V · LANGUAGES & DSLs

Domain-specific query languages.

RQL was our first. We've designed and shipped three more for clients — compliance DSLs, audit query languages, configuration grammars. Compiler-grade.

Tree-sitter · LALRPOP · LSP · WASM
§02 — ENGAGEMENT MODELS

How we work with you.


All three modes share one constant: we own the build's security, quality, and fix lifecycle ourselves. No offshore patches. No third-party hand-offs. Residency follows your workload — EU, US, on-prem, or sovereign-cloud / SecNumCloud-ready.

▸ MODE 01

Co-design sprint.

4–6 weeks. We sit alongside your security architects to scope the problem, model the threat surface, and produce a written technical specification — buildable by us or by your team. No code commitment.

Duration: 4–6 weeks
Output: spec + RFC
Team: 1 architect
Owned: design & review
▸ MODE 02

Bespoke build.

3–9 months. We build the system end-to-end: architecture, code, tests, deployment. Source code is yours under perpetual license. We can hand it off, or we can stay on for operations.

Duration: 3–9 months
Output: production system
Team: 2–4 engineers
Owned: code · security · fixes
▸ MODE 03

Build & operate.

12+ months. We build the system and run it for you — SLA, on-call, continuous evolution. You stay the data controller; we stay the engineering team. Residency follows your workload.

Duration: 12+ months
Output: managed service
Team: dedicated
Owned: end-to-end · in-house
§04 — THESIS

Four principles we hold to be true.

§ I · PRAGMATIC

Pragmatic by name and method.

We build for the threat in front of us, not the dashboard we'd like to sell. Every tool we ship answers a question a security architect actually asks. The name is the discipline.

§ II · SECURE

Built secure. Operated secure.

Provenance-signed builds, reproducible artefacts, hosting that follows the workload. We own every fix ourselves — no offshore patches, no third-party rotations on our own advisories.

§ III · HONEST

If we don't know, we say so.

We surface ugly answers plainly — even when they cost us the deal. Every advisory and every commit is signed by a named engineer. If we are wrong, you know by whom.

§ IV · WIDE COVERAGE

Full scope. Not the hyped 10%.

Most tools profile the headlines — the famous CVEs, the ten condition keys everyone benchmarks. We instrument the full surface: every action, every condition, every chained trust path. Hype is optional.

§05 — PRODUCT PORTFOLIO

What we publish.

● PRIVATE BETA prag-01

whocan.

The authorization answer engine for cloud providers. Evaluates the full decision chain and exposes it through RQL — a query language written for this problem. Designed for regulated operators across private banking, healthcare, and critical infrastructure.
→ whocan.cloud · docs · changelog
○ IN DEV · 2026 prag-02

[ tbd ]

A second product in the authorization family, in closed design-partner preview. Orthogonal surface, same discipline — read at the source, evaluate the real chain, expose as code.
→ confidential request preview →
§06 — ECOSYSTEM

Partners & sovereign cloud.

startup program
partner network
accelerator · FR
programme · FR

Bring us your hard problem.

// bespoke builds
Co-design, custom build, build & operate.
// product sales
Whocan pilots, preview program access.
// security disclosures
PGP key on request. 72h response SLA.
// HQ
5-7 rue Bellini
92800 Puteaux, France — visits by appointment.