🏠 Overview 🧩 Components 🧩 Security Metrics Service

Security Metrics Service

Component Detail

Service Layer medium complexity backend
0
Dependencies
0
Dependents
1
Entities
0
Integrations

Description

Backend service that aggregates authentication, session, and audit data into security metrics for a single organization. Enforces tenant isolation and exposes query endpoints consumed by the Security Dashboard Page.

Feature: Security Dashboard

security-metrics-service

Sources & reasoning

Source taxonomy at line 380 lists Security Dashboard under admin-security with Page + Metrics Service components. Line 193 establishes the tenant-isolation and time-bounded support-access guarantees the dashboard must surface. Not called out as MVP, so target_release defaults to Core Product per resolution rule 3.

  • Security & Audit (admin-security) | Security Dashboard | Security Dashboard Page [ui] | Security Metrics Service [service]
  • Tenant separation is strict: each org's data is isolated. Orgs can grant a Global Admin time-bounded support access via a flag in Organization Settings

Responsibilities

  • Aggregate login attempts, failures, and active sessions by organization
  • Detect anomaly patterns such as impossible travel or brute-force bursts
  • Enforce tenant scoping on every query against audit and session subsystems
  • Expose time-bucketed metric queries for dashboard widgets
  • Emit alert payloads when thresholds or anomaly rules trigger

Interfaces

getSecurityOverview(orgId, range): SecurityOverview
listSuspiciousEvents(orgId, range): SuspiciousEvent[]
getActiveSessionCount(orgId): number
detectAnomalies(orgId, range): Anomaly[]

Related Data Entities (1)

Data entities managed by this component

Users 18 fields core