Nythrix — Settings

Profile

Username

Display Name

Email

Role

Tenant ID

Member Since

Change Password

Current Password

New Password

Confirm New Password

Multi-Factor Authentication

Loading...

Single Sign-On (SSO)

Configure Generic OIDC SSO for your organization. Works with Google Workspace, Azure AD / Entra, Okta, Ping, and any OIDC-compliant provider. Admin accounts always retain password login as an emergency fallback.

Provider Configuration

Discovery URL

Client ID

Client Secret

Allowed Email Domains (comma-separated, blank = any)

Force SSO (optional)

When enabled, non-admin users will be required to log in with SSO after the transition deadline. A notification email is sent to all users with instructions.

Require SSO for all users

API Keys

API keys allow programmatic access to the platform. Each key is scoped to your tenant and role. Keys are shown only once when created — store them securely.

Loading...

Generate New Key

Label

Role

⚠ Copy this key now — it will not be shown again

Session

Your current session token. Sessions expire after 30 days.

Notification Preferences

Control which events trigger in-app notifications and email alerts.

New observations (critical/high severity) Observation escalations (correlation triggers) Canary file beacon callbacks Honey credential usage Collector health alerts (offline/degraded) SSH session recordings (auth success)

Webhook Notifications

Configure webhook destinations to receive alerts when observations are created or escalated.

Loading...

Quick Setup — SIEM Presets

One-click integration with popular platforms

Loading presets...

Add Webhook

Name

URL

Events

Threat Intel Data Sources

Configure your own API keys for threat intelligence enrichment. These override the platform-wide keys for your tenant only.

Your organization can bring its own VirusTotal Enterprise key, MISP instance, or custom threat feeds. Keys set here are private to your tenant.

Loading...

Override a Global Source

Provide your own API key for a platform source (e.g., your own VirusTotal Enterprise key).

Source

Your API Key

Add Custom Source

Connect your own MISP instance, custom TAXII feed, or other threat intel API.

Name

Base URL

API Key

Type

Display Preferences

Dashboard Refresh Interval

Time Format

Reports

Generate executive summaries and coverage reports on demand.

Loading...

Sample Data

Your environment includes sample data to help you explore the platform. Sample playbooks show common response patterns. Sample detections demonstrate what real threat activity looks like. When you're ready to go live with real data, remove all samples with one click.

Loading sample data status...

About

Nythrix Active Defense Engine
Consequence-informed adversary behavior intelligence platform.
Built on John Strand's AAA/OODA active defense methodology.

Version 3.1 · 20 routers · 150+ endpoints · 61 tables · 30 decoy templates · 24 pages
nythrixgroup.com