Dashboard Overview
π Getting Started
- 1Connect a data source and test it.
- 2Scan for discovery and classification.
- 3Review Classification, Compliance, Lineage, and Risk.
π Recent Activity
Connect Data Sources
Add a database, test it, and click πΎ Save. Saved connections are stored encrypted in your app database, available everywhere (Scan, Schedules), and auto-verified before each scan β so you never reconnect after a refresh.
Your connections
0Add a connection
Pick a source type, fill in the details, then Test and Save. Saved connections appear above and are available across the app.
How do I connect my database?
β‘ Supabase (PostgreSQL) β easiest path: click the Supabase preset, then paste your database password.
- In Supabase: Project Settings β Database β Connection string. Use the Session pooler (port
5432). - Fields: Host
<pooler host>(e.g.aws-1-xx.pooler.supabase.com), Port5432, Databasepostgres, Usernamepostgres, Password<your DB password>. - Tick Require SSL (required for Supabase). Click Test β green β Save.
π PostgreSQL (any other hosted Postgres) β same fields with your own host/port/user/password; tick Require SSL for managed/cloud databases.
π MongoDB (Atlas) β paste your full connection string into the Password field.
- In Atlas: add a Database User, then Network Access β Add IP (your IP, or
0.0.0.0/0for testing). - Connect β Drivers β Python β copy the
mongodb+srv://...string. - Fields: Type
MongoDB, Database<your db name>, Password paste the fullmongodb+srv://...URI. Host/Port/Username are ignored when the URI is in Password. - Click Test β green (shows your collections) β Save β Run scan.
After a successful test, click Save to keep the connection, then switch to the Scan tab and run a scan to classify your fields.
Data Discovery Scan
Scan the connected data source in real time. Add a connection on the Connect tab first.
Saved connections persist in your app database. Pick one or more and scan them together in a single run; no need to reconnect after a refresh. (Add or edit connections on the Connect tab.)
π§ AI Classification
Toggle on to enhance rule-based PII/PHI/PCI detection with the centrally-configured LLM (Settings β AI / LLM). No per-scan API keys; the scan validates the central AI settings first and is blocked if they are missing or invalid.
Classification Report
PII/PHI/PCI detection and risk recommendations, for the selected scan.
Field Classifications
Compliance Mapping
SOC 2, ISO 27001, GDPR, and HIPAA controls mapped to your data.
Control Gaps
Data Lineage
Trace how data flows from databases through tables to sensitive fields: the blast radius an auditor maps.
Risk Analysis
Overall risk score, top sensitive elements, and breach cost estimates.
Top Risks
Recommendations
π§ Lineage Exposure
Sensitive fields whose tables are most connected across the lineage graph, the widest breach surface.
Data Quality Dashboard
Completeness, uniqueness, validity, duplicates, and outliers across all discovered columns.
Quality Metrics
Top Issues
Per-Table Quality
Recommendations
Data Governance Policies
Auto-suggested masking, encryption, retention, and access policies from classification results. Works rule-based out of the box β enable AI Policies Suggestion to generate LLM-backed action & rationale (fetched centrally from Settings β AI / LLM).
π§ AI Policies Suggestion
Toggle on to use the centrally-configured LLM for policy action & rationale. AI settings are validated before suggesting. Leave it off to use the rule-based suggestion engine (no LLM required).
Policy Inventory
Scheduled Scans
Recurring discovery scans run automatically in the background.
Active Schedules
Audit Trail
Append-only log of governance actions, separated by scan and application scope.
Recent Events
User Management
Create users, assign roles, reset passwords, and deactivate accounts.
Users
Scan History
Saved scans. Click View to load any past scan's details back into the dashboard.
Previous Scans
π€ AI Governance Assistant
An agentic assistant that inspects your scan and acts on policies. Ask it anything.
β¨ AI Governance Tools
RAG compliance, semantic inventory search, drift detection, governed query, auto-remediation, synthetic data, narratives, and label propagation. All run with rule-based fallbacks and upgrade with an enabled LLM.
π Natural-Language Inventory Search
Natural-language field search. Rank scanned fields by meaning, e.g. "Where's the PII?".
βοΈ Cited Compliance (RAG)
Grounded control mapping with citations + evidence.
𧬠Scan Diff / Drift
Added/removed fields, classification changes, risk drift.
π‘οΈ Governed Query (NLβSQL)
Generates a safe SELECT and evaluates role access with masking. Requires LLM.
π§ Auto-Remediation
Generate a remediation artifact (masking view / encryption / access rule) for a policy.
π Synthetic Data
Download synthetic rows with PII/PHI/PCI replaced by fakes. Never writes back to the source.
π Explanatory Narrative
Auditor-ready prose for compliance or risk reports.
π·οΈ Label Propagation
Suggest labels for unlabeled fields by similarity to known PII/PHI/PCI.
π Data Dictionary & Glossary
Auto-generate plain-English business definitions and a glossary term for every column from its name, type, and sample data (uses the central LLM; falls back to name heuristics).
Settings
Application configuration. Settings load automatically when you open this tab; edit any field and apply everything with one click. Secrets are masked.