Orbyx AI-SPM — Architecture Overview

AI Security Posture Management · All services run in Docker Compose

User

  Admin Portal (React) :3000
    Chat UI · Admin dashboard · Threat findings · Cases · Inventory
    Nginx

(connection: HTTP / JWT Bearer)

Gateway

  API Gateway :8080
    JWT auth · RS256 · Rate limiting · Guard screen · CEP · Memory · Tool execution · LLM proxy
    FastAPI

  Freeze Controller :8090
    Freeze / unfreeze users, tenants, sessions
    FastAPI

  Policy Simulator :8091
    Dry-run Rego policy evaluation against sample events
    FastAPI

Security

  Guard Model :8200
    Content moderation · Llama Guard 4 12B via Groq · Regex fallback
    FastAPI · Groq

  OPA Policy Engine :8181
    Rego policies · Request allow / escalate / block decisions
    OPA 0.70

AI / LLM

  Claude (Anthropic)
    Haiku · Sonnet · Opus · Tool use · Streaming responses
    External API

  Tavily Search
    Real-time web search tool available to Claude
    External API

(connection: Kafka events)

Infrastructure

  Kafka
    Event streaming · 12+ topics · Per-tenant ACLs
    Confluent 7.6

  Redis
    Session memory · Long-term history (30d) · Rate limit counters
    Redis 7

Processing

  SPM Aggregator
    Kafka consumer → Postgres writer · Prometheus metrics
    Python · Kafka

  Processor
    Enriches raw events with posture scores and signals
    Python · Kafka

  Memory Service
    Session · Long-term · System memory namespaces in Redis
    Python · Redis

Data

  PostgreSQL
    audit_export · posture_snapshots · model_registry · threat_findings · cases · sessions
    Postgres 16

Management

  SPM API :8092
    Model registry · Posture scores · NIST AI RMF compliance · Enforcement thresholds
    FastAPI

  Agent Orchestrator :8094
    Session lifecycle · Risk scoring · Policy evaluation · Threat findings · Cases
    FastAPI

Threat Hunting

  🎯 Threat Hunting Agent
    Autonomous AI security scanner · LangChain + Groq Llama 3.3 70B
    9 proactive scans every 5 min: exposed credentials · port anomalies · runtime anomalies · prompt secret exfiltration · PII leakage · tool misuse · overprivileged models
    LangChain · Groq · Required: GROQ_API_KEY

Observability

  Prometheus :9090
    Scrapes /metrics from all services every 15 s
    v2.55

  Grafana :3001
    AI SPM Overview · Engineering · Compliance dashboards
    v11.4 · admin/admin