Technical Deep Dive

Platform Architecture, Human Vulnerability Scanner & 5-Engine System for Technical Teams

20-Minute Technical Presentation
For IT Directors & Security Teams
6 Technical Slides
Updated: January 2026
Slide 1

Privci Platform Architecture

Browser-First Human Risk Management Platform
1. Browser-Based Training Agents

Lightweight extensions for Chrome, Edge, Firefox. Real-time behavioural monitoring and intervention delivery at the point of risk.

Browser Extension API, Real-time Monitoring, Local Processing

2. APIR Framework Engine

Assess → Personalize → Intervene → Reassess continuous loop. COM-B behaviour change model implementation with 10 specialist AI agents.

COM-B Model, 10 AI Agents, Behavioural Science

3. 5-Engine Core Platform

Awareness Engine, Change Engine, Phish Aware, Business Watch, Policy Keeper. Integrated data layer with shared intelligence.

Microservices, Shared Data Layer, Event Bus

4. Admin & Analytics Dashboard

Centralised management console. Real-time reporting, intervention management, and compliance tracking.

React.js, WebSocket, Real-time Analytics

Deployment Architecture

  • Browser Agents: Lightweight extensions (Chrome/Edge/Firefox)
  • Cloud Platform: GCP-based microservices architecture
  • Data Processing: Real-time behavioural analytics pipeline
  • Integration: REST API with webhook support

Technical Specifications

  • Browser Support: Chrome 80+, Edge 80+, Firefox 78+
  • API Rate Limit: 1000 requests/second per tenant
  • Data Retention: 60-day to 1-year compliance
  • Uptime SLA: 99.95% guaranteed
Slide 2

Human Vulnerability Scanner

30-Day Behavioural Risk Assessment Engine

Initial Setup & Configuration (Day 1-3)

  • Baseline policy configuration
  • Threat scope definition
  • User onboarding & agent deployment

Continuous Assessment (Day 4-29)

  • Real-time behavioural monitoring
  • Policy violation detection
  • Knowledge evaluation

Phish Challenge & Testing (Integrated Testing)

  • Automated phishing simulations
  • Behavioural response analysis
  • Skill gap identification

Reporting & Interventions (Day 30+)

  • Comprehensive risk scoring
  • Targeted intervention assignment
  • Continuous improvement cycle

Key Assessment Components

  • Baseline Training: Real‑time detection of policy violations, unsafe behaviours, and risky decision patterns
  • CyberSkills Training: 40‑module structured curriculum measuring technical security competence
  • Policy Training: Policy Keeper challenges and Policy Champion Award performance tracking
  • Phish Challenge: Inbox‑style behavioural phishing simulations with adaptive difficulty
  • Phishing Tests: Real‑world mimic phishing campaigns assessing click‑through and reporting behaviour
  • Online Exposure Scan: External exposure analysis including breached credentials, OSINT signals, and digital footprint risks
  • Event Monitoring: 43 behavioural event types across awareness, decision‑making, and response actions
  • Use Case Monitoring: 35 user‑activity and incident correlations across Privci’s behavioural engines

Output Metrics

  • Human Vulnerability Index (HVI): 1–10 composite risk score combining behaviour, exposure, and training signals
  • Behavioural Archetype: User classification based on decision patterns, risk tendencies, and behavioural consistency
  • Threat Exposure Index (TEI): Organisation‑wide exposure score combining phishing, OSINT, and behavioural indicators
  • Organisational Human Risk Posture (OHRP): A holistic measure estimating the organisation's overall risk status by combining HVI and TEI
  • Individual Risk Profiles: Per‑user breakdown of behavioural weaknesses, exposure risks, and training gaps
  • Intervention Readiness: Automated recommendations for targeted behavioural interventions and training actions

Technical Implementation

Data Collection
  • Browser extension event monitoring
  • Real-time policy violation detection
  • User interaction tracking
  • Phishing response measurement
Privacy & Security
  • GDPR-compliant data processing
  • No personal content collection
  • Local browser processing first
  • End-to-end encryption
Slide 3

5-Engine Technical Architecture

Integrated Behavioural Risk Management System

  • Awareness Engine: Multi-layered training platform
  • Change Engine: Behaviour intervention system
  • Phish Aware: Phishing simulation & training
  • Business Watch: Digital footprint analysis
  • Policy Keeper: Policy management & compliance

Awareness Engine

  • Baseline Training: Real-time violation prompts
  • CyberSkills Training: 40 compliance-aligned modules
  • Policy Training: Policy Champion Award competition
  • Training Modes: Full Engagement, Recognition, Distraction-Free
  • Integration: Direct Policy Keeper integration

Change Engine

  • 10 Behaviour Agents: COM-B model implementation
  • Security Chronicles: 49-day narrative journey
  • Topic of the Week: Weekly micro-learning
  • Event Monitoring: 43 behavioural events
  • Behaviour Insights: Threat-focused dashboard

Phish Aware

  • 800+ Templates: Phishing simulation library
  • Phish Challenge: Inbox-style assessment
  • Auto Simulation: Scheduled phishing campaigns
  • Live Templates: Real breach-based simulations
  • User Directory: Flexible user management

Business Watch

  • Shadow Watch: Shadow IT detection
  • Breach Watch: Service breach monitoring
  • Data Guard: 35 real-time alert use cases
  • Geofence Protection: Data location controls
  • Dark Web Search: Credential exposure detection
Slide 4

Training Agents Architecture

Browser-Based Behavioural Intelligence Platform
1. Browser Extension Architecture

Lightweight extensions for Chrome, Edge, Firefox. Secure installation via extension stores with enterprise deployment options.

Manifest V3, Service Workers, Content Scripts

2. Local Processing Engine

Real-time behavioural analysis at browser level. Privacy-preserving local processing before cloud transmission.

Local Storage, Real-time Analysis, Privacy Filters

3. User Dashboard Components

12 core features including Behaviour Meter, Secure Habits Arena, Digital Footprint, and interactive training modules.

React Components, WebSocket, Local Cache

Behaviour-Shaping Features

  • Your Cyber Story: 49-day narrative journey
  • Defender Showdown: TTP-based threat training
  • Policy Champ Award: Competitive policy training
  • Skills Mastery Award: 40-module curriculum
  • Secure Habits Arena: Behaviour challenge interface

Monitoring & Awareness

  • Behaviour Meter: Real-time risk scoring
  • Digital Footprint: Exposure visualization
  • Ask the Policy: Natural language Q&A
  • Policy Sign-Off: Compliance tracking
  • Activity Logs: Behavioural event history

Deployment & Security Features

Deployment Options
  • Manual Installation: Extension store links
  • Enterprise Deployment: GPO, MDM, SCCM
  • Auto-provisioning: Azure AD/Google Workspace
  • Activation Token: Additional security layer
Security Controls
  • OTP Activation: Email-based verification
  • Encrypted Storage: Local data protection
  • Permission Scoping: Minimal required access
  • Audit Logging: Complete activity tracking
Slide 5

Data Flow & Integration

API-First Architecture with Enterprise Integration

Browser Agents (Data Source)

  • Local behavioural processing
  • Privacy-filtered data collection
  • Real-time event monitoring

API Gateway (Processing Layer)

  • REST API endpoint management
  • Authentication & rate limiting
  • Webhook event distribution

Engine Processing (Analysis Layer)

  • 5-engine behavioural analysis
  • Real-time intervention logic
  • Threat intelligence correlation

Integration Endpoints (Output Layer)

  • SIEM/SOAR integration
  • HRIS system synchronisation
  • Compliance reporting

Microsoft 365

Azure AD SSO, Microsoft Graph API, Exchange Online, SharePoint, Teams integration

SAML 2.0, Graph API

Google Workspace

OAuth 2.0 integration, Admin SDK, Gmail, Drive, Calendar, Google Chat

OAuth 2.0, Admin SDK

SIEM Integration

Splunk, QRadar, ArcSight, LogRhythm, Microsoft Sentinel, Elastic SIEM

Syslog, Webhook

REST API Endpoints

// Get user risk profile
GET /api/v1/users/{userId}/risk-profile
Authorization: Bearer <api_key>

// Response:
{
  "human_vulnerability_index": 4.2,
  "behavioural_archetype": "convenience_seeker",
  "threat_exposure": ["phishing", "shadow_it"],
  "active_interventions": 3
}

// Trigger phishing simulation
POST /api/v1/phishing/campaigns
{
  "template_id": "phish_adv_invoice",
  "target_users": ["group:sales"],
  "schedule_time": "2026-01-15T10:00:00Z"
}
Slide 6

Security & Compliance

Privacy-by-Design Architecture

Privacy by Design

Local Processing First

Behavioural analysis occurs in browser before cloud transmission

No Personal Content

Only behavioural metadata, no email/content collection

GDPR Compliance

Data processing agreements, DPIAs, Article 30 records

Data Residency

EU, US, UK, APAC hosting options with sovereignty controls

Security Controls

  • UK Cyber Essentials: In Progress
  • ISO 27001: In Progress
  • GDPR Compliance: Full Compliance
  • Penetration Testing: Yearly
  • Vulnerability Scanning: Continuous

  • GDPR (Compliant): Articles 5, 25, 32, 35 compliance with DPIA conducted.
  • CCPA/CPRA (Compliant): California Consumer Privacy Act with right to delete/opt-out.
  • UK GDPR (Compliant): UK Data Protection Act 2018 with ICO registration.
  • HIPAA (In Progress): Healthcare compliance for US customers. Q2 2026.
  • FedRAMP (In Progress): US Government cloud compliance. Q4 2026.
  • ISO 27701 (Planned): Privacy Information Management System extension.

Technical Security Features

  • AES-256 Encryption: Data in transit & at rest
  • Zero-Knowledge: Local processing first
  • VPC Isolation: Tenant data separation
  • Audit Logging: Immutable activity records