Architecture

Hybrid by design: endpoint enforcement, centralized inspection, shared control plane.

Consent Secure uses a practical enterprise model. Endpoints capture, enforce, and report. Server services handle heavy inspection, orchestration, storage, and audit. Shared services coordinate policy, identity, events, and operator workflows.

Edge

Windows endpoint host

Single endpoint host for DLP communications, secure token storage, heartbeat, pending commands, and local remediation execution.

Core

Application services

Consent, privacy, DLP, DSPM, endpoint APIs, IAM, and platform ops run as separated services with shared contracts and clean module boundaries.

Infra

Operational backbone

RabbitMQ for messaging, Redis for presence and scale-out, PostgreSQL for data, Docker for deployment, and optional Elastic or other SIEM targets.

Ops

Admin surfaces

Unified operator UI with pages for endpoints, deployments, commands, SIEM, threats, and events backed by server-side pagination and filters.

Key Design Choices

Why the architecture is practical.

OCR on the server first

Heavy OCR and inspection stay centralized for patching, audit, and performance reasons, with room for offline fallback later.

Provider boundaries

OCR, connector, and future AI integrations are kept behind contracts so infrastructure choices do not leak into application workflows.

Message-driven operations

RabbitMQ, Redis, SignalR, and replayable SIEM export patterns support fleet operations and operational resilience.

Layered Delivery

Endpoint, services, and infrastructure aligned by role.

The architecture is easier to understand when shown as clear layers: endpoint capture, centralized services, and shared operational infrastructure.

Deployment

Demo-ready, enterprise-oriented.

The current stack is Dockerized, supports VM-based deployment and GitHub Actions-based rollout, and carries documented runbooks for endpoint readiness, SIEM operations, and deployment packaging. Managed cloud service choices can be layered in later without rewriting the public architecture story.