
What is Openlane Console?

Openlane Console is a comprehensive web application built with Next.js that provides organizations with a centralized platform to manage compliance programs, security controls, policies, and evidence collection. The console serves as your primary interface for maintaining and demonstrating compliance across various frameworks and standards.
The Console runs on port 3001 by default and is built with Next.js 16, React 19, and a modern tech stack optimized for enterprise use.

Core Capabilities

The Console provides enterprise-grade features across several key areas:

Compliance Management

Manage controls, policies, procedures, and risks across multiple compliance frameworks

Evidence Collection

Centralized repository for compliance evidence with automated collection capabilities

Organization Management

Multi-organization support with role-based access control and team collaboration

Security & Authentication

Enterprise authentication with SSO, 2FA, and WebAuthn passkey support

Key Features

Compliance Automation

  • Create and manage security controls
  • Map controls to compliance frameworks
  • Track control implementation status
  • Define control objectives and subcontrols
  • Clone existing controls for efficiency
  • Maintain internal policies and procedures
  • Version control and approval workflows
  • Policy-to-control mapping
  • Automated policy reviews
  • Identify and track organizational risks
  • Risk assessment and mitigation planning
  • Risk-to-control mapping
  • Real-time risk dashboards
  • Upload and organize compliance evidence
  • Automated evidence collection
  • Evidence-to-control linking
  • Audit trail and versioning

Program Management

The Console supports comprehensive compliance program management:
  • Multi-Framework Support: Manage compliance across SOC 2, ISO 27001, HIPAA, and custom frameworks
  • Assessment Automation: Create and distribute questionnaires for vendor assessments
  • Task Management: Automated task assignment and tracking
  • Exposure Management: Monitor and manage security exposures
  • Standards Registry: Maintain a registry of applicable standards and requirements

Dashboard & Reporting

Gain visibility into your compliance posture with:
  • Compliance Overview: Real-time status of compliance programs
  • Suggested Actions: AI-powered recommendations for compliance improvements
  • Custom Dashboards: Tailored views for different stakeholder needs
  • Analytics: Track metrics and trends across programs
AI suggestions can be enabled via the NEXT_PUBLIC_AI_SUGGESTIONS_ENABLED environment variable when integrated with Google AI.

Technology Stack

The Console is built with modern web technologies:
  • Framework: Next.js 16 with App Router
  • UI Library: React 19 with TypeScript
  • Styling: Tailwind CSS 4
  • State Management: Zustand, TanStack Query
  • Form Handling: React Hook Form with Zod validation

User Interface Components

The Console uses a rich set of UI components built on Radix UI primitives:
  • Forms: Advanced form builders with JSON schema support
  • Tables: Sortable, filterable data tables with pagination
  • Dialogs & Modals: Accessible dialog system
  • Drag & Drop: Sortable lists and kanban boards via dnd-kit
  • Rich Text: Markdown rendering with syntax highlighting
  • PDF Viewer: Embedded PDF viewing with react-pdf
  • Maps: Google Maps integration for location data
  • Graphs: Force-directed graphs for relationship visualization

Architecture Highlights

Route Structure

The Console uses Next.js App Router with route groups:
(auth)/          - Authentication flows (login, signup, SSO, 2FA)
(protected)/     - Authenticated routes
  ├── dashboard          - Home dashboard
  ├── controls           - Control management
  ├── policies           - Policy management
  ├── procedures         - Procedure management
  ├── risks              - Risk management
  ├── evidence           - Evidence repository
  ├── programs           - Compliance programs
  ├── automation/        - Assessment & task automation
  ├── organization       - Organization selector
  ├── organization-settings/
  ├── user-settings/
  ├── trust-center/      - Public trust center
  └── registry/          - Standards registry

Security Features

The Console implements multiple layers of security:
  • Session-based authentication with secure cookies
  • CSRF protection on all mutations
  • reCAPTCHA integration for bot prevention
  • Rate limiting on authentication endpoints
  • Content Security Policy headers

Getting Started

To start developing with the Console:
1. Start Development Server

task dev:console
The console will be available at http://localhost:3001

2. Configure Environment

Set up required environment variables for authentication, API access, and integrations. See the Deployment Guide for details.

3. Explore Features

Log in and navigate through the dashboard, controls, policies, and other modules to understand the user workflows.

Next Steps

Authentication

Learn about SSO, 2FA, and WebAuthn implementation

Dashboard

Understand dashboard features and data flows

Organizations

Multi-organization setup and management

Deployment

Deploy the Console to production
