Live Request Feed
Real-time view of every data request intercepted by the governance proxy
Waiting for agent requests…
Open the agent UI and ask a question.
Open the agent UI and ask a question.
All Sessions
0
No sessions yet
🔍
Select a session to view
its governance timeline
its governance timeline
Data Sources
Connected databases and APIs — classified by PII sensitivity
Deployment
Organization-level configuration. Changes are saved to the proxy config bundle; click Apply changes in Configured sources below to restart the proxy and pick them up.
Customer ID (used as prefix for audit log groups and Redis keys)
Display name
Industry
Configured sources
Add, edit, or remove the upstream databases the proxy governs. Changes are saved immediately to the proxy config; click Apply changes to restart the proxy (~30–60s downtime) so the new pools come up.
| ID | Type | Secret ARN | Governed objects | |
|---|---|---|---|---|
| Loading… | ||||
Discovered fields
Loading…
PII Classification Legend
Direct IDName, email, SSN, per-person FKs — S = 1.0, I = 1.0
CredentialAPI key, token, password — S = 1.0
BiometricFingerprint, face/voice template — BIPA; S = 0.85
Criminal RecordConvictions, arrests, background — FCRA; S = 0.85
HealthDiagnosis, plan, claims — HIPAA; S = 0.80
Special CategoryRace, religion, politics, sex life — GDPR Art. 9; S = 0.80
FinancialSalary, debt, FICO, bankruptcy, payments — S = 0.70
Precise LocationGPS lat/lon, sub-ZIP geo — CCPA sensitive PI; S = 0.70
Content SensitiveFree text — NER scanned at query time; S = 0.50
Vehicle IDVIN, license plate — CCPA PI; S = 0.30
Device IDIMEI, MAC, IDFA/AAID — CCPA PI; S = 0.30
Quasi-IDZIP, DOB, gender, IP — entropy bits; S = 0.20
DemographicDepartment, performance band — S = 0.10
Non-SensitiveTimestamps, counts, flags — S = 0.0
UnknownPending async classification
System Health
Live status of all proxy instances and latency performance
Loading…
—
Data Sources
Loading…
Proxy Performance
Loading…
Audit Log
Every data request recorded by the governance proxy
Loading…
Classification
LLM classification queue and results for unknown fields
Performance
—
Fields Classified
—
Avg Latency
—
p95
—
p99
Pending Queue
0
No items in queue
Classified
0
No classifications yet
Needs Review
0
No items
Governance Policies
Configure enforcement rules — changes apply to the proxy immediately
Unknown field policy
| Type | Policy | Roles | Action | Enabled |
|---|
Regulatory Frameworks
Framework scoring models, enforcement thresholds, and HIPAA Safe Harbor configuration
Frameworks
GDPR — General Data Protection Regulation
Scores identifiability I across accumulated fields. GDPR = I × (1 + minimization penalty + Art.9 penalty). Redaction kicks in when score ≥ threshold; CEO is exempt as data controller.
HIPAA — Health Insurance Portability and Accountability Act
Multiplicative model: HIPAA = I × H, where H combines a base health-data weight and cross-source bonus. Neither identifiers nor health data alone trigger PHI risk — both must be present. No role exemption.
CCPA — California Consumer Privacy Act
Scores breadth of consumer data assembled in a session. CCPA = I × breadth_factor, where breadth rises with the number of distinct sensitive categories accessed. CEO exempt from enforcement.
HIPAA Safe Harbor
⚕ Safe Harbor De-identification
When enabled, the 18 HIPAA Safe Harbor identifiers (name, zip, DOB, email, employee ID, medical plan code) are redacted from any response that also contains health data, regardless of role or purpose.
Risk Score Thresholds
GDPR
0.70
I × (1 + minimization + Art.9) ≥ threshold → redact
HIPAA
0.80
I × H + loaded-gun bonus ≥ threshold → redact
CCPA
0.70
I × breadth_factor ≥ threshold → redact
Threshold changes apply live to enforcement and persist across proxy restarts.
Identity & Access
Map agent usernames to governance roles
Provisioned agent users
| Username | Role | Agent class | Created | |
|---|---|---|---|---|
| Loading… | ||||
What each role allows
Derived from the Policies tab. Use this as a quick reference when choosing a role above — admin can't edit these fields here.
| Role | Blocked fields | Redacted fields | Policies |
|---|
Field Categories
Operator overrides on classification. Admin entries win over the static built-in table and over LLM-classified entries.
Filters
Classifications
| Field | Data source | Current category | Tier | Conflicts | Override | Scope |
|---|