-
Notifications
You must be signed in to change notification settings - Fork 0
Home
DataShield is a self-hosted service that tells a business whether its employees' data has surfaced in known breaches, with severity-based alerting and a customizable security dashboard.
DataShield is under active development and is not production ready. The database schema, APIs and UI can change without notice. Do not point it at real production data yet.
DataShield connects to your identity provider (Entra ID, Google Workspace, LDAP, AWS, Okta, or inbound SCIM), pulls the employee directory, then checks each employee email against breach-intelligence providers (Have I Been Pwned and others). Matches become breach records and alerts, scored by severity, surfaced on a drag-and-drop dashboard, and pushed out by email and webhooks.
Identity provider -> Employee directory -> Breach scan -> Alerts + Dashboard + Reports
(sync / SCIM) (Postgres) (HIBP, etc.) (severity, webhooks, email)
| Page | What it covers |
|---|---|
| Getting Started | Prerequisites, install, seed data, first run |
| Configuration | Every environment variable and what it unlocks |
| Architecture | High-level design, request flow, directory layout |
| Database Schema | Prisma models, enums, relations |
| Breach Scanning | Scan engine, providers, severity, rate limits |
| Directory Integrations | Entra ID, Google, LDAP, AWS, Okta connectors |
| SCIM Provisioning | Inbound SCIM 2.0 push provisioning |
| Dashboard and Widgets | Widget registry, presets, layout persistence |
| Reports | Report sections, filters, CSV export |
| API Reference | REST endpoints, auth, status codes |
| Security | Encryption, auth, secret scanning, rate limiting |
| Roles and Permissions | ADMIN vs VIEWER model |
| Development | CI gates, workflows, contributing, conventions |
| Troubleshooting | Common errors and fixes |
- Next.js 15 (App Router), React 19, TypeScript strict mode
- Prisma 7 with PostgreSQL
- Auth.js (next-auth v5)
- Tailwind CSS, Recharts, react-grid-layout, dnd-kit
- Repository: https://github.com/WhiteMuush/DataShield
- Issues: https://github.com/WhiteMuush/DataShield/issues
- License: source-available (no resale of the software), see the repo
LICENSE
DataShield is source-available software by Melvin PETIT (WhiteMuush). Work in progress, not production ready.
Getting started
Architecture
Features
Reference
Contributing