CONNECTED DASHBOARDS

One Trust Score that captures it all — from cert renewals to AI PII

Twelve signal sources, one table, a handful of overviews. No more 15 silo tables and no more separate dashboards that don't talk to each other.

Start free Read the docs

What the problem was

Every monitoring and compliance product builds its own little silo. Trust Score lives in tool A, compliance in tool B, audit in tool C, and nobody combines them into a single number for the boardroom.

One table: signal_streams

Cert scans, DNS hygiene, secrets, backup status, clock drift, endpoint posture, container hygiene, license, identity, supply chain — all fan-in into one hypertable.

One KPI: Trust Score

Severity-weight ladder, weighted average over 8 categories, reproducible via inputs_hash. Dashboards on top.

One bundle: Auditor Workbench

External accountant gets one ZIP with evidence packs, offline verify script and signing-keys snapshot. No access to your live data.

11 dashboards on top of the same data

All from signal_streams + the existing inventory and AI tables. No duplication, no drift.

Trust Score — Score circle 0–100 + 8 category bars + 90d trend + top contributors.
Anomaly Correlation — Stream of signal clusters per subject in 15-min windows. Ack button per cluster.
MTTR & MTTA — MTTA + MTTR p50/p95 per (scope, severity) over 90d. Chronically-ignored flag on MTTA p50 > 7d.
Blast Radius — Concentric SVG: pick a node, see 2-hop downstream impact + danger color from open signals.
Identity Surface — Per person: in which systems they are present. No auto-correlation by email — admin links explicitly.
Compliance Timeline — Heatmap of controls × month, dark-green/light-green/orange/red/grey + Auditor-mode toggle.
Cost-to-Compliance Pareto — Which failing controls give the most compliance gain per effort. Sort by gain ↓, effort ↑.
Evidence Pack Health — Heatmap module × 18m: missing / present / signed_active / signed_rot.
AI Cost × PII Quadrant — Per AI app: cost (log-X) vs PII rate (linear-Y). Bubble size = traces. Top right = danger zone.
Auditor Workbench — Generate a ZIP bundle for an external accountant. One-shot download URL, 24h expiry.
MSP Cockpit — Cross-tenant overview for MSP operators. Table sortable by urgency composite.

Architecture in one code block

Every worker, ingest handler and hub-side scanner writes through one Go interface into one table. Adding a new check = one entry in SourceToCategory + one Emit() call.

emitter.Emit(ctx, tenantID, signals.Signal{
    Source:      "cert_scan",
    SubjectType: "endpoint",
    SubjectID:   "api.example.com:443",
    Key:         "cert.expiring_soon",
    Value:       map[string]any{"value": 17, "fingerprint": "sha256:..."},
    Severity:    signals.SeverityMedium,
    ObservedAt:  time.Now().UTC(),
})

RLS is enabled on signal_streams (defence-in-depth). Production queries use explicit tenant_id WHERE clauses.

Who is this for?

Operators

Trust Score, Anomaly Correlation, Blast Radius, Cost-to-Compliance Pareto. The rest of the platform works as before.

Start free →

External auditors

Read-only auditor role, TOTP-gated bundle export, offline verify without monsys credentials.

For auditors →

MSP operators

Cross-tenant cockpit with urgency sorting. White-labelled for your own customers.

For MSPs →