XFlow logoEco Sys Ver 3.4.1

Support: [email protected]|Contact page

Engineering maturity

Documentation index

XFlow is the operator dashboard for your app ecosystem. It shows what is connected, what is broken, what needs attention, and what actions keep your apps running.

Proof of discipline lives in versioned docs and typed contracts. Below are on-page summaries so evaluators and answer engines can orient without cloning first—then repository links remain the source of truth for full depth.

System context

Same ecosystem diagram as the home and architecture pages.

Applications emit signals into ingest; Verixet validates upstream where wired; XFlow correlates and surfaces; operators use the UI; Copilot is policy-governed on the same surface.Appsemit signalsIngestvalidate · normalizeVerixetgovernanceXFlowcorrelate · surfaceOperator UItriageCopilotpolicy-governed
Apps emit structured signals. Ingest validates and normalizes. Where wired, provides upstream governance and validation evidence. correlates and surfaces portfolio state for operators. Copilot runs under workspace policy on the same plane—not a generic chat bolt-on.

Technical foundations

These documents live in the repository. Set NEXT_PUBLIC_SHOWCASE_GITHUB_REPO (e.g. https://github.com/org/xflow) to enable clickable source-of-truth links.

  • System architecture

    Runtime layering, data flow, module map, and how the UI, API, core, and persistence relate.

    SYSTEM_ARCHITECTURE.md

  • Event model

    Normalized event fields, categories, ingest HTTP semantics, and idempotent replay behavior.

    docs/event-model.md

  • Security model

    Auth surfaces, workspace isolation, secrets handling, rate limits, and ingest abuse visibility.

    SECURITY_MODEL.md

  • Production readiness

    Operational checklist items that gate serious deployment: env, migrations, probes, and discipline.

    PRODUCTION_READINESS_CHECKLIST.md

  • Contracts and schemas

    Zod-backed definitions shared across API handlers and domain commands (source of truth in code).

    src/contracts/

  • Threat model

    Primary attack paths, required controls, and residual risk register for account, tenancy, and ingest surfaces.

    docs/security/THREAT_MODEL.md

  • Secure coding standard

    Non-negotiable implementation rules for authz, tenancy, auditability, and Copilot security boundaries.

    docs/security/SECURE_CODING_STANDARD.md

  • Secrets and key management

    Secret classes, rotation guidance, and compromise response expectations for production environments.

    docs/security/SECRETS_AND_KEY_MANAGEMENT.md

  • Vulnerability management policy

    Severity SLAs, triage workflow, and closure evidence requirements for dependency/code/platform vulnerabilities.

    docs/security/VULNERABILITY_MANAGEMENT_POLICY.md

  • Incident and on-call operations

    Incident response flow, severity handling, and on-call operating model for runtime issues.

    docs/operations/INCIDENT_RESPONSE_RUNBOOK.md

  • Service catalog

    Inventory of tiered services, dependencies, owners, and required release checks.

    docs/operations/SERVICE_CATALOG.md

  • Security-sensitive release signoff

    Mandatory release checklist for auth, RBAC, tenancy, session, and audit-critical changes.

    docs/operations/SECURITY_SENSITIVE_RELEASE_SIGNOFF.md

  • Review ownership map

    Owner routing matrix for identity, RBAC, tenancy, audit, Copilot, and operational control changes.

    docs/operations/REVIEW_OWNERSHIP_MAP.md

  • Testing strategy

    Required unit/integration/E2E layers and mandatory proof patterns for security-sensitive changes.

    docs/testing/TEST_STRATEGY.md

  • Tenant isolation test plan

    Cross-workspace abuse scenarios and CI regression policy for tenant-boundary guarantees.

    docs/testing/TENANT_ISOLATION_TEST_PLAN.md

  • Copilot governance

    Workspace-level AI controls for memory boundaries, source attribution, redaction, retention, and usage ledgering.

    docs/ai/COPILOT_GOVERNANCE.md

  • Admin operations guide

    Operational playbook for workspace admins covering membership, auth policy, and Copilot governance controls.

    docs/product/ADMIN_OPERATIONS_GUIDE.md

  • Enterprise onboarding checklist

    Customer go-live checklist with required SSO, MFA, policy, synthetic checks, and onboarding evidence artifact.

    docs/product/ENTERPRISE_ONBOARDING_CHECKLIST.md

  • Architecture decision records

    Accepted ADRs for tenant-scoped authorization, audit correlation, and Copilot governance boundaries.

    docs/decisions/README.md

  • Compliance execution pack

    Control ownership matrix, SOC2 evidence index, and periodic access review procedure for audit readiness.

    docs/compliance/CONTROL_OWNERSHIP_MATRIX.md

  • Service extraction triggers

    Threshold-based policy and assessment workflow for extracting ingest, jobs, collectors, and Copilot services.

    docs/architecture/SERVICE_EXTRACTION_TRIGGERS.md

  • Monthly compliance workflow

    Single-command monthly evidence generation for SLO snapshots, access review artifacts, and evidence bundles.

    docs/compliance/MONTHLY_COMPLIANCE_WORKFLOW.md

  • Support escalation policy

    Severity-based support routing and escalation expectations for enterprise customer incidents.

    docs/operations/SUPPORT_ESCALATION_POLICY.md

  • Enterprise handoff package

    Release/customer cutover manifest generator linking compliance, onboarding, restore, SLO, and support artifacts.

    docs/operations/ENTERPRISE_HANDOFF_PACKAGE.md

  • SLA tiers

    Commercial service-level targets by tier including uptime, response SLO, and support response expectations.

    docs/commercial/SLA_TIERS.md

  • Quota policy

    Tiered product quotas and enforcement expectations for apps, users, Copilot usage, and event ingest.

    docs/commercial/QUOTA_POLICY.md

  • Commercial contract package

    Automated contract package generation linking SLA/quota policies and enterprise handoff evidence.

    docs/commercial/COMMERCIAL_CONTRACT_PACKAGE.md

  • Enterprise quarterly workflow

    Quarterly orchestrator that chains compliance, onboarding, service extraction, handoff, and commercial package generation.

    docs/operations/ENTERPRISE_QUARTERLY_WORKFLOW.md

System guarantees

Design commitments reflected in code and operations—not marketing claims.

  • Errors and ingest outcomes are explicit: created vs skipped vs rejected—not silent success.
  • Request correlation is expected end-to-end; responses carry request identifiers for support and debugging.
  • Event ingestion is normalized to a single schema before persistence and operator surfaces.
  • Authentication boundaries are deliberate: browser sessions, bearer ingest, and probes are separate actors.
  • Privileged mutations are expected to emit structured audit events with actor/entity provenance.
  • Health and readiness are distinct concepts; collectors respect that split when endpoints exist.
  • Workspace-bound operational data is not exposed on public routes; this showcase is curated and static.

Home · Architecture · Learn