/dashboard

Where your security team actually operates.

17 pages, 32 API routes, real-time WebSocket risk feed, Monaco-powered policy editor with hot reload, custom rules DSL, agent registry with scoped credentials, kill switch, audit trail with PII tokenisation, RBAC, OIDC SSO. Hosted at app.clampd.dev or self-hosted in your VPC.

Stack: Next.js 16 · React 19 · Fastify 5 · Drizzle · Postgres Routes: 17 dashboard pages · 32 API endpoints Live: WebSocket risk feed · WS-driven kill propagation

What dashboard is for (and isn't)

Dashboard is the operational surface: kill an agent right now, suspend one, edit a policy, approve a tool descriptor, change a threshold, manage members. Real-time, action-oriented, used during incidents and during normal ops by SecOps and SREs.

Two adjacent surfaces are being split into separate products. Clampd is source-available under BSL-1.1 with a Free tier (Design Partner) and an Enterprise tier; the raw audit data lives in your own ClickHouse / Postgres on every tier and is queryable directly. The maintained workflows on top are Enterprise.

clampd-reports — for GRC and compliance. Free tier: raw queryable audit trail. Enterprise: HIPAA/GDPR/SOC 2/PCI-DSS evidence templates kept current as regulations evolve, scheduled delivery, exportable PDF/CSV.
clampd-replay — for forensics, insurance, regulators. Free tier: raw audit data, manual reconstruction. Enterprise: auto-generated incident packets, chain-of-custody signing, multi-cluster federation, long-term retention.

You can rebuild any of the Enterprise workflows yourself from the raw data — most teams find the maintenance overhead isn't worth it, which is what the paid tier is for. There's no encryption-with-vendor-key gating; your data is yours either way.

Operational data flow

Every operator action goes through ag-control. The dashboard is a thin UI on top of an audited control plane.

The 17 management pages

Overview /

Live operational view. Active agents, recent denials, top matched rules, current EMA risk distribution, throughput.

Agents /agents

Agent registry with scoped credentials. Per-agent state (active / suspended / killed), boundary config, recent calls.

Kill /kill

Emergency kill switch. Per-agent kill, descendant cascade option, per-layer cascade results, idempotent.

Policies /policies

Cedar policy editor with Monaco, syntax highlighting, validation, hot-reload across the fleet within seconds.

Rules /rules

Custom rules DSL. Browse the 263 built-ins by category, OWASP LLM tag, or regulation. Add / disable / score-tune.

Tool descriptors /tool-descriptors

Discovered tools awaiting category assignment. SHA-256 descriptor hashes for rug-pull detection. Approve/deny.

Audit trail /audit-trail

SQL-queryable ClickHouse audit. Filter by tool, agent, denial reason, time. PII automatically tokenised.

Delegation /delegation

Agent-to-agent delegation graph. Approved peer relationships, depth limits, cycle detection.

Delegation analytics /delegation-analytics

Per-pair call counts, cross-agent risk patterns, escalation chains over time.

Thresholds /thresholds

Per-org tuning of risk thresholds (block, flag, auto-suspend EMA), gray-zone bounds for LLM judge.

Scope exemptions /scope-exemptions

13 exemptable rules, 62 never-exemptable. Granted scopes per agent, expiry, full audit on every approve.

Workflows /workflows

Approval workflows for high-risk actions. Slack approval, multi-step gates, expiry.

Protected entities /protected-entities

Tag specific resources (DBs, repos, customers) as protected; policies fire when an agent touches them.

Keywords /keywords

Custom keyword dictionaries — your industry's PII patterns, internal product names, competitor mentions.

API keys /api-keys

Org-scoped API keys with permissions (read / write / kill). Rotation, last-used timestamps.

Bundles /bundles

Pre-built rule packs (industry-specific, OWASP-aligned, compliance-driven). Install with one click.

Settings /settings

Org config, OIDC SSO (Okta / Azure AD / Keycloak), members + RBAC, billing, webhooks, Slack/PagerDuty.

Architecture

Modern stack with strict separation of concerns. The dashboard is the operator-facing surface only; it does not directly write to runtime state.

Web: Next.js 16.1 + React 19.2 (App Router) API: Fastify 5 ORM: Drizzle DB: PostgreSQL 16 Audit: ClickHouse 24 Live feed: WebSocket → ag-risk Auth: JWT (HS256) + OIDC SSO Billing: Stripe

Architectural rule we don't break

The dashboard never writes directly to Redis. Every runtime state mutation (kill, suspend, scope grant, policy update) goes through ag-control over WebSocket / HTTP, which validates and emits the audit event. This means a compromised dashboard can't bypass the audit trail or skip cascade layers — every operator action is reproducible from logs.

Compliance + governance features

Compliance reports — pre-built templates for HIPAA, GDPR, SOC 2, PCI-DSS. Evidence collection from the audit trail; control-mapping with pass/fail status.
OIDC SSO — Okta, Azure AD, Keycloak. Per-domain provisioning. Replaces password auth on Business+ tiers.
RBAC — owner, admin, member, viewer roles. Per-page action-level permissions.
Multi-tenant isolation — full org scoping. Agents, API keys, policies, audit logs, all isolated. Built for platform teams running multiple product squads.
Webhooks — outbound events on kill, deny, scope grant, anomaly. Slack Block Kit format, PagerDuty Events API v2.
Stripe billing — usage-tier invoicing, plan upgrades, payment-method management (tier-gated availability).

Hosted or self-hosted

Both options run identical code. The hosted version (app.clampd.dev) is appropriate for teams that want zero infrastructure. The self-hosted version is for regulated industries, air-gapped environments, or teams that already have Kubernetes / Docker Compose practice. Stack, schema, and feature parity are the same.

Sign in or self-host

Hosted at app.clampd.dev — JWT auth, free tier under 25 agents, no credit card. Self-hosted via Docker Compose with full feature parity.