SecurityV0 Documentation
Autonomous Execution Exposure Management platform
SecurityV0 discovers standing execution paths where autonomous identities (NHIs, agents, service principals) continue operating after human ownership decays, scope drifts, or intent is fulfilled.
Quick Navigation
| Need | Go To |
|---|---|
| Understand the system | Architecture Overview |
| MongoDB schema | Database Architecture |
| Entity relationships | Data Model |
| Add a connector | Connector Framework |
| Test scenarios | Integrations |
| Product vision | SecurityV0 Vision |
| Doc conventions | Repository Guide |
Design Principles
- Deterministic - No ML or probabilistic scoring
- Read-only - Metadata only, never modify sources
- Explainable - Walkable evidence chains
- Temporal - Track drift over time
- Evidence-grade - Immutable, timestamped output
Key Concepts
| Concept | Description |
|---|---|
| Execution Path | Identity → Role → Permission → Resource chain |
| Ownership Decay | Human owner leaves, identity keeps executing |
| Scope Drift | Permissions expand without re-approval |
| Evidence Pack | Sealed, timestamped proof of a finding |
See the full Glossary for all domain and platform terminology.
Documentation Rules
Documentation conventions, naming, and navigation requirements are defined in sv0-documentation/CLAUDE.md. The Repository Guide summarizes the required rules and links back to the canonical source.
Architecture Decisions
Key decisions are documented as ADRs in architecture/decisions/:
- ADR-000: Documentation Strategy - MkDocs + GitHub approach
- ADR-001: MongoDB Only - Single database for MVP
- ADR-002: Single Collection - Entity storage pattern
- ADR-003: Reject Apache AGE - Graph extension evaluation
Last updated: 2026-02-02