OuterSec - Enterprise Cybersecurity Compliance Monitoring Platform

24/7 AI-Powered Cybersecurity Compliance Monitoring for SMBs

OuterSec automatically monitors your organization's compliance with SOC 2, HIPAA, ISO 27001, and PCI-DSS standards. Real-time alerts, automated reports, and dark web monitoring — all in one platform.

---

🚀 Features

• ✅ Continuous Compliance Auditing - 24/7 automated compliance checks
• ✅ Multi-Framework Support - SOC 2, HIPAA, ISO 27001, PCI-DSS
• ✅ Breach Alerts - Real-time notifications via Email, Slack, SMS
• ✅ Dark Web Monitoring - Credential leak detection
• ✅ Vendor Security Monitoring - Track third-party security posture
• ✅ Automated Reports - Weekly/monthly PDF compliance reports
• ✅ Customer Dashboard - Real-time compliance scores and insights
• ✅ Admin Dashboard - Full operations and customer management
• ✅ Stripe Billing - Subscription management with trials

---

🛠️ Tech Stack

Frontend

• Framework: Next.js 14 (App Router)
• Language: TypeScript
• Styling: Tailwind CSS
• Icons: Lucide React
• Charts: Recharts

Backend

• API: Next.js API Routes
• Database: PostgreSQL via Supabase
• Auth: Supabase Auth (Email + Google SSO)
• Payments: Stripe
• Email: Resend
• Monitoring: Custom Node.js agents (cron jobs)

Infrastructure

• Hosting: Vercel (Frontend) + Railway/Render (Background Jobs)
• DNS: Managed via domain registrar
• SSL: Automatic via Vercel

---

📋 Prerequisites

Before you begin, ensure you have:

• Node.js 18.17.0 or higher
• npm or pnpm
• Git
• Supabase Account (for database and auth)
• Stripe Account (for payments)
• Resend Account (for emails)

---

⚙️ Environment Variables

Create a .env.local file in the root directory:

# Supabase
NEXT_PUBLIC_SUPABASE_URL=your_supabase_url
NEXT_PUBLIC_SUPABASE_ANON_KEY=your_supabase_anon_key
SUPABASE_SERVICE_ROLE_KEY=your_supabase_service_role_key

# Stripe
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=your_stripe_publishable_key
STRIPE_SECRET_KEY=your_stripe_secret_key
STRIPE_WEBHOOK_SECRET=your_stripe_webhook_secret

# Resend (Email)
RESEND_API_KEY=your_resend_api_key

# App
NEXT_PUBLIC_APP_URL=http://localhost:3000

# Admin
ADMIN_EMAIL=your_email@example.com
ADMIN_PASSWORD_HASH=your_hashed_password

# Monitoring APIs
HAVEIBEENPWNED_API_KEY=your_hibp_api_key
TWILIO_ACCOUNT_SID=your_twilio_sid
TWILIO_AUTH_TOKEN=your_twilio_token
TWILIO_PHONE_NUMBER=your_twilio_phone

# Optional
SLACK_WEBHOOK_URL=your_slack_webhook

See .env.example for a complete template.

---

🚀 Quick Start

1. Clone the Repository

git clone https://github.com/clawdbot5150-collab/outersec.git
cd outersec

2. Install Dependencies

npm install
# or
pnpm install

3. Set Up Environment Variables

cp .env.example .env.local
# Edit .env.local with your credentials

4. Run Database Migrations

npm run db:migrate

5. Start Development Server

npm run dev

Open http://localhost:3000 in your browser.

---

📁 Project Structure

outersec/
├── app/                    # Next.js App Router
│   ├── (marketing)/       # Public marketing pages
│   ├── dashboard/         # Customer dashboard
│   ├── admin/             # Admin dashboard
│   ├── api/               # API routes
│   ├── layout.tsx         # Root layout
│   ├── page.tsx           # Homepage
│   └── globals.css        # Global styles
├── components/            # React components
│   ├── ui/               # Reusable UI components
│   ├── layouts/          # Layout components (Header, Footer)
│   ├── marketing/        # Marketing page components
│   ├── dashboard/        # Dashboard components
│   └── admin/            # Admin components
├── lib/                  # Core libraries
│   ├── auth/            # Authentication logic
│   ├── stripe/          # Stripe integration
│   ├── email/           # Email templates and sending
│   ├── monitoring/      # Compliance monitoring agents
│   └── database/        # Database utilities
├── types/               # TypeScript type definitions
├── utils/               # Utility functions
├── public/              # Static assets
├── next.config.js       # Next.js configuration
├── tailwind.config.ts   # Tailwind CSS configuration
└── package.json         # Dependencies

---

🗄️ Database Schema

Tables

• customers - Customer accounts
• subscriptions - Stripe subscription data
• monitored_companies - Companies being monitored
• compliance_scans - Scan history
• alerts - Security alerts
• reports - Generated compliance reports
• dark_web_findings - Dark web monitoring results
• vendors - Monitored vendor list
• team_members - Team access management

See lib/database/schema.sql for full schema.

---

🚢 Deployment

Vercel (Recommended)

1. Push your code to GitHub
2. Import project in Vercel
3. Configure environment variables
4. Deploy

vercel --prod

Railway (Background Jobs)

For background monitoring agents:

railway up

---

🧪 Testing

# Run tests
npm test

# Run E2E tests
npm run test:e2e

# Type checking
npm run type-check

# Linting
npm run lint

---

📝 Development Phases

✅ Phase 1: Foundation (COMPLETE)

• Project structure
• Next.js setup with TypeScript
• Tailwind CSS theming
• Homepage with hero, features, pricing preview
• Header and Footer components
• GitHub repository

🚧 Phase 2: Authentication & Database (IN PROGRESS)

• Supabase setup
• User authentication (email + Google SSO)
• Database schema
• Protected routes

⏳ Phase 3: Stripe Integration

• Product and price creation
• Checkout flow
• Webhook handlers
• Subscription management

⏳ Phase 4: Customer Dashboard

• Overview with compliance score
• Compliance monitoring tabs
• Alerts management
• Reports viewer
• Settings

⏳ Phase 5: Admin Dashboard

• Overview metrics
• Customer management
• Agent monitoring
• Revenue dashboard

⏳ Phase 6: Monitoring Engine

• SOC 2 compliance checks
• HIPAA compliance checks
• ISO 27001 compliance checks
• Dark web monitoring
• Vendor monitoring

⏳ Phase 7: Email Automation

• Onboarding sequence
• Alert emails
• Report delivery
• Re-engagement campaigns

⏳ Phase 8: SEO & Content

• Blog posts
• SEO optimization
• Schema markup
• Sitemap

⏳ Phase 9: Legal Pages

• Privacy Policy
• Terms of Service
• Security page

⏳ Phase 10: Production Launch

• DNS configuration
• SSL certificates
• Performance optimization
• Final testing

---

🤝 Contributing

This is a private commercial project. For access, contact the maintainers.

---

📄 License

Proprietary - All rights reserved © 2026 OuterSec

---

📞 Support

• Website: https://outersec.com
• Email: support@outersec.com
• Documentation: https://docs.outersec.com

---

🙏 Acknowledgments

Built with:

• Next.js
• Tailwind CSS
• Supabase
• Stripe
• Vercel

---

OuterSec - Cybersecurity Compliance Made Simple