Project-Agent-trust-merge repo-root DEMO_QUICK_START.md

Get the full demo running in ~5 minutes (after you have Supabase credentials)

---

Prerequisites

✓ Python 3.10+ ✓ Node.js 18+ ✓ Supabase account with project created ✓ Internet connection

---

1. Clone & Navigate

``bash cd /home/user/Project-Agent ``

---

2. Run Automated Setup

```bash

This installs all dependencies and configures everything

bash SETUP_DEMO_ENVIRONMENT.sh ```

What it does:

✓ Installs Python dependencies (FastAPI, Supabase SDK, etc.)
✓ Creates .env file from template
✓ Installs Node.js frontend dependencies
✓ Creates frontend/.env.local from template
✓ Seeds demo data to your Supabase project
✓ Validates all connections

---

3. Configure Your Credentials

When prompted by the setup script, edit these files:

Backend Configuration

File: arxsec-api/.env

```bash

Edit with your Supabase details

SUPABASE_URL=https://YOUR_PROJECT.supabase.co SUPABASE_ANON_KEY=YOUR_ANON_KEY SUPABASE_SERVICE_ROLE_KEY=YOUR_SERVICE_ROLE_KEY # REQUIRED for seeding

Local dev settings

ARXSEC_ENV=development ARXSEC_API_URL=http://localhost:8000 REDIS_URL=redis://localhost:6379 ```

Get your credentials:

Log in to supabase.com
Select your project
Go to Settings → API
Copy the keys

Frontend Configuration

File: arxsec-api/frontend/.env.local

```bash

Must match your Supabase project

NEXT_PUBLIC_SUPABASE_URL=https://YOUR_PROJECT.supabase.co NEXT_PUBLIC_SUPABASE_ANON_KEY=YOUR_ANON_KEY

Backend URL (localhost for local development)

NEXT_PUBLIC_API_URL=http://localhost:8000 ```

---

4. Start the Demo

Terminal 1 - Backend API

``bash cd arxsec-api python main.py ``

Expected output: `` INFO: Uvicorn running on http://0.0.0.0:8000 INFO: arxsec.api.startup, env=development ``

✓ API is ready when you see these messages.

Terminal 2 - Frontend (new terminal)

``bash cd arxsec-api/frontend npm run dev ``

Expected output: `` Local: http://localhost:3000 ``

✓ Frontend is ready when you see this.

Terminal 3 - Open Browser (new terminal)

```bash open http://localhost:3000 # macOS

or on Linux:

xdg-open http://localhost:3000 ```

---

5. Verify the Demo

Dashboard Should Show:

📊 Overview Page

Agents Active: 10 (detection-triage-agent, cloud-threat-response, etc.)
Pending Approvals: 1 (host containment request)
Recent Audit Entries: 60+ policy evaluations
Policy Status: 15 rules configured

🤖 Agents Page

List of 10 agents with:
Name & description
Runtime & version
Status (active/inactive)
Declared intent (permitted systems/actions)

✅ Approvals Page

Pending: 3 requests
Host containment (risk: 85%)
CI/CD policy change (risk: 78%)
Cloud finding analysis (risk: 45%)
Approved: 4 actions
Incident creation (approved 2 hrs ago)
Vulnerability scanning (approved 3 hrs ago)
Denied: 2 actions
User deactivation (false positive)
Network policy change (manual only)

📜 Audit Log Page

Shows all policy evaluations
Filters: action type, status, connector
Export options (CSV, JSON, PDF)

🔐 Policies Page

15 policy rules with:
Rule type (allow/deny/escalate)
Risk threshold
Approval channel
Agent scope

---

6. CISO Demo Script

Total Time: ~10 minutes

Slide 1: Agent Governance (2 min)

Navigate to: Agents page

"Here we see 10 deployed agents. Each agent declares its intent upfront:

What systems it can connect to (CrowdStrike, Jira, Slack, etc.)
What actions it can perform (read/write/execute)
What data it can access

This is the foundation of our governance model."

Slide 2: Policy Controls (2 min)

Navigate to: Policies page

"ARXsec enforces 15 policies:

Allow rules: Unrestricted access for safe operations
Deny rules: Hard blocks (e.g., 'no network policy changes without manual review')
Escalate rules: High-risk actions require approval

Each policy is tied to specific agents and risk thresholds."

Slide 3: Approval Workflows (3 min)

Navigate to: Approvals page

"When an agent attempts a high-risk action, ARXsec escalates for human review:

This pending request: Host containment (risk: 85%) — awaiting approval
This approved request: Ransomware response — approved in 7 minutes
This denied request: User deactivation — rejected as false positive

Every action is logged. Nothing happens without visibility."

Slide 4: Real-Time Audit (2 min)

Navigate to: Audit page

"Every single action by every agent is logged:

Policy evaluation result (PERMIT / DENY / ESCALATE)
Duration (milliseconds)
Risk score
Exact timestamp

This is your audit trail for SOC 2, ISO 27001, compliance frameworks."

Slide 5: Compliance Evidence (1 min)

Optional — if compliance page available

"For your next audit:

SOC 2 Type II: CC6.1 (Logical access), CC7.1 (Change management), CC8.1 (Incident response)
ISO 27001: A.9.2 (User access), A.12.4.1 (Event logging), A.13.2.3 (Segregation)

Every control is mapped to real agent actions."

---

Troubleshooting

"API Connection Refused"

```bash

Make sure API is running (Terminal 1)

cd arxsec-api && python main.py

Check if port 8000 is available

lsof -i :8000

If port is in use, kill it: kill -9 <PID>

```

"No data in dashboard"

```bash

1. Check that .env credentials are correct

grep SUPABASE_URL arxsec-api/.env

2. Verify demo data was seeded

python -c " from supabase import create_client import os os.chdir('arxsec-api') from dotenv import load_dotenv load_dotenv() db = create_client(os.getenv('SUPABASE_URL'), os.getenv('SUPABASE_SERVICE_ROLE_KEY')) print(f'Agents: {db.table(\"agents\").select(\"*\", count=\"exact\").execute().count}') print(f'Approvals: {db.table(\"approval_requests\").select(\"*\", count=\"exact\").execute().count}') "

3. Re-run seeding if empty

cd arxsec-api && python demo/seed_demo_data.py ```

"Network tab shows 404 errors"

```bash

1. Check frontend API URL is correct

grep NEXT_PUBLIC_API_URL arxsec-api/frontend/.env.local

2. Make sure it matches your API server:

http://localhost:8000 for local dev

https://api.arxsec.io for production

3. Rebuild frontend

cd arxsec-api/frontend && npm run build ```

"Supabase connection error"

```bash

1. Verify credentials are correct (no "your-xxx" placeholders)

cat arxsec-api/.env | grep SUPABASE

2. Test connection directly

python -c " from supabase import create_client db = create_client('https://YOUR_PROJECT.supabase.co', 'YOUR_SERVICE_ROLE_KEY') db.table('agents').select('*', count='exact').execute() print('✓ Connected!') "

3. If still failing, check:

- Project is not paused (check supabase.com dashboard)

- Network has internet connectivity

- API keys are correct (copy-paste from supabase.com)

```

---

Files & Structure

`` /home/user/Project-Agent/ ├── SETUP_DEMO_ENVIRONMENT.sh # Automated setup script ├── DEMO_QUICK_START.md # This file ├── DEMO_ENVIRONMENT_AUDIT_REPORT.md # Detailed audit report ├── audit_demo_environment.py # Diagnostic tool └── arxsec-api/ ├── .env # Backend config (create from .env.example) ├── .env.example # Template ├── main.py # API entry point ├── requirements.txt # Python dependencies ├── demo/ │ ├── seed_demo_data.py # Demo data seeding │ ├── detection_triage_agent.py │ ├── compliance_demo.py │ └── ...other demo agents... └── frontend/ ├── .env.local # Frontend config (create from .env.example) ├── .env.example # Template ├── package.json ├── src/ │ ├── lib/api.ts # API client (now uses env vars) │ └── app/ # Next.js pages └── ... ``

---

Next Steps

After demo works locally:

Deploy to staging

```bash

Push changes to your branch

git add -A git commit -m "Configure demo environment for CISO presentation" git push origin branch-name ```

Create PR with audit report

Include DEMO_ENVIRONMENT_AUDIT_REPORT.md
Link to this quick start guide

Run security review

Check arxsec-api/demo/seed_demo_data.py for any hardcoded secrets
Ensure .env is in .gitignore
Validate all API endpoints

Invite CISO team

Schedule demo walkthrough
Send this quick start guide as reference
Plan 15-20 min demo + 10 min Q&A

---

Support

For issues beyond this guide, check:

DEMO_ENVIRONMENT_AUDIT_REPORT.md — Detailed troubleshooting
audit_demo_environment.py — Run diagnostic: python audit_demo_environment.py
GitHub Issues — Report bugs

---

Ready? Start with: ``bash bash SETUP_DEMO_ENVIRONMENT.sh ``

Good luck with your CISO demo! 🚀

ARXsec Demo — Quick Start Guide

Prerequisites

1. Clone & Navigate

2. Run Automated Setup

This installs all dependencies and configures everything

3. Configure Your Credentials

Backend Configuration

Edit with your Supabase details

Local dev settings

Frontend Configuration

Must match your Supabase project

Backend URL (localhost for local development)

4. Start the Demo

Terminal 1 - Backend API

Terminal 2 - Frontend (new terminal)

Terminal 3 - Open Browser (new terminal)

or on Linux:

5. Verify the Demo

Dashboard Should Show:

📊 Overview Page

🤖 Agents Page

✅ Approvals Page

📜 Audit Log Page

🔐 Policies Page

6. CISO Demo Script

Slide 1: Agent Governance (2 min)

Slide 2: Policy Controls (2 min)

Slide 3: Approval Workflows (3 min)

Slide 4: Real-Time Audit (2 min)

Slide 5: Compliance Evidence (1 min)

Troubleshooting

"API Connection Refused"

Make sure API is running (Terminal 1)

Check if port 8000 is available

If port is in use, kill it: kill -9 <PID>

"No data in dashboard"

1. Check that .env credentials are correct

2. Verify demo data was seeded

3. Re-run seeding if empty

"Network tab shows 404 errors"

1. Check frontend API URL is correct

2. Make sure it matches your API server:

http://localhost:8000 for local dev

https://api.arxsec.io for production

3. Rebuild frontend

"Supabase connection error"

1. Verify credentials are correct (no "your-xxx" placeholders)

2. Test connection directly

3. If still failing, check:

- Project is not paused (check supabase.com dashboard)

- Network has internet connectivity

- API keys are correct (copy-paste from supabase.com)

Files & Structure

Next Steps

Push changes to your branch

Support