Overview
A corporate security manager has 200 employees traveling across 40 countries. When a traveler enters a city that has just been placed on a high-risk advisory, the system needs to react immediately, not wait for the next manual check-in cycle. The DoC Alert domain provides that automatic trigger: geofence-based alert generation fires the moment a traveler crosses a defined boundary, routes the alert to the appropriate response team, and tracks resolution through to close.
Key Features
- Traveler safety alert creation and lifecycle management.
- Geofence-triggered alert generation.
- Alert routing and escalation workflows.
- SOS activation alert handling.
- Alert severity classification and prioritisation.
- Organisation-scoped alert management.
- Integration with traveler location tracking.
- Alert resolution tracking with audit trail.
Use Cases
Corporate duty of care teams receive automatic alerts when employees enter or exit geofenced high-risk areas, enabling immediate check-in workflows without requiring travelers to manually report location changes.
Travel risk managers track SOS activation alerts with structured escalation to response teams, ensuring that life-threatening situations reach the right people immediately rather than waiting for a duty officer to notice an unread notification.
Security operations monitor traveler safety thresholds and receive proactive alerts before situations deteriorate, acting on early warning signals rather than responding to already-escalated incidents.
Compliance and duty of care officers maintain complete alert resolution records for every traveler event, demonstrating that the organisation met its duty of care obligations during high-risk travel periods.
Integration
Integrates with traveler management, geofencing, and general alert systems for comprehensive duty of care alert handling.
Open Standards
- OASIS STIX 2.1 (and 2.0): Alert exports are serialised as STIX bundles (application/stix+json), converting alerts into STIX Indicator and Observable objects for interoperability with threat-intelligence platforms.
- RFC 3161 (Internet X.509 PKI Time-Stamp Protocol): Every alert export obtains a cryptographically verifiable timestamp from a qualified Time-Stamp Authority, producing an RFC 3161 token that is stored alongside the export to prove the evidence existed at a specific point in time.
- ISO 19005-3 (PDF/A-3): Court-admissible admissibility reports are generated as PDF/A-3 archival documents with embedded JSON metadata, satisfying long-term preservation and legal-evidence requirements.
- GraphQL (June 2018 specification): The entire alert query and mutation surface is exposed through a GraphQL API, including alert lifecycle management, AI widget queries, deduplication, flow control, and ML clustering.
- NIST FIPS 197 / AES-256-GCM: Evidence stored in the evidence locker is encrypted at rest using AES-256-GCM with PBKDF2 key derivation iterated to the NIST SP 800-132 recommended minimum, protecting alert content from unauthorised access.
- MITRE ATT&CK: Alert triage enrichment annotates alerts with ATT&CK tactic and technique identifiers, enabling structured classification of threat behaviour within the alert lifecycle.
- RFC 6455 (WebSocket Protocol): Alert state changes are broadcast in real time to connected clients over WebSocket connections, enabling live dashboard updates without polling.
- ISO 8601: All alert timestamps, retention windows, and evidence metadata are recorded and exchanged in ISO 8601 format, ensuring unambiguous date-time interoperability across systems.
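The evidence-locker encryption described in the AES-256-GCM item above, as an added example that is not the product's own code: a PBKDF2-derived key, a fresh salt and nonce per record, and the alert ID bound as associated data so that a modified or re-filed record fails authentication. The function names, record layout, passphrase input and iteration count are assumptions.

```javascript
// Added illustration, not the product's code. Names, record layout and
// the iteration count are assumptions.
const crypto = require('crypto');

const ITERATIONS = 600000; // assumed value; the page does not state a count

function deriveKey(passphrase, salt) {
  return crypto.pbkdf2Sync(passphrase, salt, ITERATIONS, 32, 'sha256');
}

// Encrypt one alert export. The alert ID is passed as AAD, so the
// ciphertext only authenticates under the alert it was sealed for.
function sealEvidence(passphrase, alertId, plaintext) {
  const salt = crypto.randomBytes(16);
  const iv = crypto.randomBytes(12); // 96-bit nonce, never reused with a key
  const key = deriveKey(passphrase, salt);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(alertId, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    alertId,
    salt: salt.toString('base64'),
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ct: ct.toString('base64'),
  };
}

// Returns the plaintext, or null when authentication fails: wrong key,
// altered ciphertext, short tag, or a record moved to another alert ID.
function openEvidence(passphrase, record) {
  try {
    const key = deriveKey(passphrase, Buffer.from(record.salt, 'base64'));
    const iv = Buffer.from(record.iv, 'base64');
    const d = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: 16 });
    d.setAAD(Buffer.from(record.alertId, 'utf8'));
    d.setAuthTag(Buffer.from(record.tag, 'base64'));
    const pt = Buffer.concat([d.update(Buffer.from(record.ct, 'base64')), d.final()]);
    return pt.toString('utf8');
  } catch (err) {
    return null;
  }
}

// Constructed sample record, not real alert data.
const demo = sealEvidence('constructed-passphrase', 'alert-demo', '{"event":"sos"}');
console.log(openEvidence('constructed-passphrase', demo));
```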
Last Reviewed: 2026-02-05
Last Updated: 2026-04-14