SifrBolt Documentation

Documentation to understand the SifrBolt platform and use it effectively.

Why it matters

Drift sweeps detect configuration changes that fall outside your approved policies. Automating them keeps procurement, security, and marketing aligned.

Prerequisites

Storm or Citadel plan with Governance Packs enabled.
Console access with permissions to edit QuietOps windows and automation scripts.
Ticketing or notification channel to receive sweep summaries.

Step 1 · Define QuietOps Windows

Open Operations → QuietOps in the console.
Create windows that avoid peak traffic. Typical cadence is daily, 01:00–03:00 in the storefront’s local time.
Assign notification recipients—security, marketing, platform engineering—to ensure everyone receives the report.

Step 2 · Configure Drift Sweeps

Navigate to Automation → Drift Sweeps.
Select the storefronts covered by the QuietOps window.
Choose the policies to verify (rulepacks, cache policies, access controls).
Enable Attach transparency bundle so each run links to signed artifacts.

Step 3 · Enable Ticket Sync (Optional)

If you use Jira, ServiceNow, or Zendesk, connect the integration under Integrations → Ticketing.
Map sweep severity levels to issue priorities.
Test the connection using the Send sample sweep button.

Step 4 · Verify Automation

Run a validation sweep

Trigger a manual sweep from the console and wait for the completion webhook.
Download transcript quietops-sweep-2025-01 from the Trust Center.
Use the verification CLI to replay the transcript (for example bunx @sifrbolt/verify drift --bundle quietops-sweep-2025-01).

Ongoing Operations

Review sweep summaries weekly; investigate any failures before the next campaign window.
Rotate notification recipients quarterly to keep stakeholder lists current.
Archive validated transcripts in your compliance evidence folder for audits.

Add additional governance automations under docs/src/pages/implementation/ to cover other proof workflows.