From zero to your first KRI
A ten-minute walkthrough from signup to a live Key Risk Indicator. Covers organization setup, tenant creation, wiring an integration, and reading your first dashboard.
1. Create an organization
Every Draxis deployment starts with an organization — the top-level container for all your tenants. An organization is usually a company (direct customer) or an MSP / vCISO partner running multiple client tenants.
On first launch the platform will redirect you to /api/auth/needs-setup and then to the admin registration page. Register with your work email and a 12+ character password. That account becomes the initial superadmin.
First-run admin registration only works once. After the first admin exists, further admins are invited from inside the app.
2. Create your first tenant
A tenant is a single customer’s risk environment — its own KRIs, controls, vendors, workflows, and expert-panel memory. Tenants are partitioned inside a single Postgres cluster by tenant_id; row-level security policies make cross-tenant reads impossible at the database layer. See Multi-tenancy.
From the org admin dashboard:
- Go to Settings → Tenants.
- Click New tenant, supply a slug (e.g. acme-corp) and a display name.
- Invite at least one tenant admin by email.
3. Wire an integration
Draxis doesn’t make up risk signals — it reads them from tools you already run (vulnerability scanners, EDR, IdP, cloud posture, ticketing, etc.). In the tenant’s Settings → Integrations tab:
- Click Add integration and pick a source type (vulnerability, identity, endpoint, …).
- Pick a vendor — the dropdown is populated from /api/integrations/catalog at server boot.
- The form auto-fills the known-fixed values (base URL, auth type). Supply the per-tenant bits (API key, instance URL, etc.) and hit Test.
- Save. The runner schedule (daily by default) now includes this source.
Credentials are encrypted at rest with the server’s ENCRYPTION_KEY and never written to logs. See Security & compliance.
4. Author your first KRI
A KRI (Key Risk Indicator) is a numeric value with a threshold. The connector writes the value; the KRI definition provides the meaning.
From Risk model → KRIs:
- Click New KRI.
- Pick a slug that matches what the connector writes (e.g. critical_cves_unpatched_gt_30d). The slug is the contract between connector and KRI.
- Attach it to the source you just created.
- Set warn / critical thresholds and the direction (higher-is-worse vs lower-is-worse).
- Link it to one or more risks and a business outcome so it rolls up cleanly.
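The sketch below is an added example, not Draxis code. It shows how warn / critical thresholds and a direction turn a connector's value into a status, and why the slug has to match exactly. The KriDefinition class, the status names, the inclusive threshold comparison, the mfa_coverage_pct slug and the handling of unmatched slugs are all assumptions made for illustration.

```python
from dataclasses import dataclass

HIGHER_IS_WORSE, LOWER_IS_WORSE = "higher-is-worse", "lower-is-worse"

@dataclass(frozen=True)
class KriDefinition:  # hypothetical shape, not the Draxis data model
    slug: str
    warn: float
    critical: float
    direction: str

    def __post_init__(self):
        if self.direction not in (HIGHER_IS_WORSE, LOWER_IS_WORSE):
            raise ValueError(f"unknown direction: {self.direction!r}")
        # warn must be reached before critical in the "worse" direction,
        # otherwise the warn band is empty and the KRI jumps straight to critical.
        ordered = (self.warn < self.critical if self.direction == HIGHER_IS_WORSE
                   else self.warn > self.critical)
        if not ordered:
            raise ValueError(f"{self.slug}: warn/critical order contradicts {self.direction}")

    def status(self, value: float) -> str:
        # Flip the sign for lower-is-worse so one comparison serves both directions.
        # Thresholds are treated as inclusive here (an assumption).
        sign = 1 if self.direction == HIGHER_IS_WORSE else -1
        if sign * value >= sign * self.critical:
            return "critical"
        if sign * value >= sign * self.warn:
            return "warn"
        return "ok"

def apply_rows(definitions, rows):
    """Match connector rows to KRIs by slug; unmatched slugs are skipped (assumed)."""
    by_slug = {d.slug: d for d in definitions}
    statuses, skipped = {}, []
    for slug, value in rows:
        kri = by_slug.get(slug)
        if kri is None:
            skipped.append(slug)  # a typo in the slug silently loses the signal
            continue
        statuses[slug] = kri.status(value)
    return statuses, skipped

# Constructed sample data: the slug from the page, one made-up slug, and one typo.
KRIS = [
    KriDefinition("critical_cves_unpatched_gt_30d", warn=5, critical=20, direction=HIGHER_IS_WORSE),
    KriDefinition("mfa_coverage_pct", warn=95, critical=80, direction=LOWER_IS_WORSE),
]
ROWS = [("critical_cves_unpatched_gt_30d", 12), ("mfa_coverage_pct", 78.5), ("critical_cves_unpatched_gt30d", 3)]
```

In this sketch the third row never reaches a KRI because its slug is missing one underscore, which is the kind of mismatch to look for when a run reports skipped rows.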
5. Run it and see the result
Back on Integrations, click Run now on the source. The runner invokes the connector synchronously and reports rowsWritten / rowsSkipped. You can inspect the raw summary under Run history.
Now open Dashboard — your KRI appears with its current value and color-coded threshold.
6. Talk to the expert panel
Click the panel-chat icon and ask the AI vCISO:
“What are the top three risks I should be working on this quarter?”
The vCISO reads your KRIs, risks, outcomes, and institutional memory, and calls the Privacy / TPRM / Cyber Insurance experts as needed. See Expert panel for orchestration details.
What’s next
- KRIs & sources — the full data model.
- Integrations — every connector and its KRIs.
- Workflows — automate actions when KRIs breach thresholds.
- API reference — for teams wiring Draxis into their own tooling.