What the problem was

Every monitoring and compliance product builds its own little silo. Trust Score lives in tool A, compliance in tool B, audit in tool C, and nobody combines them into a single number for the boardroom.

One table: signal_streams

Cert scans, DNS hygiene, secrets, backup status, clock drift, endpoint posture, container hygiene, license, identity, supply chain — all fan-in into one hypertable.

One KPI: Trust Score

Severity-weight ladder, weighted average over 8 categories, reproducible via inputs_hash. Dashboards on top.

One bundle: Auditor Workbench

External accountant gets one ZIP with evidence packs, offline verify script and signing-keys snapshot. No access to your live data.

11 dashboards on top of the same data

All from signal_streams + the existing inventory and AI tables. No duplication, no drift.

Trust Score

Score circle 0–100 + 8 category bars + 90d trend + top contributors.

Anomaly Correlation

Stream of signal clusters per subject in 15-min windows. Ack button per cluster.

MTTR & MTTA

MTTA + MTTR p50/p95 per (scope, severity) over 90d. Chronically-ignored flag on MTTA p50 > 7d.

Blast Radius

Concentric SVG: pick a node, see 2-hop downstream impact + danger color from open signals.

Identity Surface

Per person: in which systems they are present. No auto-correlation by email — admin links explicitly.

Compliance Timeline

Heatmap of controls × month, dark-green/light-green/orange/red/grey + Auditor-mode toggle.

Cost-to-Compliance Pareto

Which failing controls give the most compliance gain per effort. Sort by gain ↓, effort ↑.

Evidence Pack Health

Heatmap module × 18m: missing / present / signed_active / signed_rot.

AI Cost × PII Quadrant

Per AI app: cost (log-X) vs PII rate (linear-Y). Bubble size = traces. Top right = danger zone.

Auditor Workbench

Generate a ZIP bundle for an external accountant. One-shot download URL, 24h expiry.

Auditor page →

MSP Cockpit

Cross-tenant overview for MSP operators. Table sortable by urgency composite.

MSP page →

Architecture in one code block

Every worker, ingest handler and hub-side scanner writes through one Go interface into one table. Adding a new check = one entry in SourceToCategory + one Emit() call.

emitter.Emit(ctx, tenantID, signals.Signal{
    Source:      "cert_scan",
    SubjectType: "endpoint",
    SubjectID:   "api.example.com:443",
    Key:         "cert.expiring_soon",
    Value:       map[string]any{"value": 17, "fingerprint": "sha256:..."},
    Severity:    signals.SeverityMedium,
    ObservedAt:  time.Now().UTC(),
})

RLS is enabled on signal_streams (defence-in-depth). Production queries use explicit tenant_id WHERE clauses.

Who is this for?

Operators

Trust Score, Anomaly Correlation, Blast Radius, Cost-to-Compliance Pareto. The rest of the platform works as before.

Start free →

External auditors

Read-only auditor role, TOTP-gated bundle export, offline verify without monsys credentials.

For auditors →

MSP operators

Cross-tenant cockpit with urgency sorting. White-labelled for your own customers.

For MSPs →

Start today

Connected Dashboards ships with every monsys account. No extra price, no separate module.

Start free Read the docs

WHITEPAPER

The full story in 25 pages

Architecture, Trust Score formula, supply-chain pipeline, NIS2 / AI Act / CRA mapping. Free PDF after a short form.

Download whitepaper →

One Trust Score that captures it all — from cert renewals to AI PII