Security

Security Overview

SYNTHET's comprehensive security module protects your Discord server from common attacks, unauthorized bulk actions, and malicious activity. Learn how automated protection works alongside your moderation team.

What Security Protects Against

The Security module automatically detects and mitigates three primary threat vectors:

Server Nuking

Mass deletion of channels, roles, and members. A compromised admin or bot can cause catastrophic damage in seconds. SYNTHET detects suspicious patterns and stops the attack before completion.

Raid Attacks

Coordinated join floods, message spam, and mention attacks from multiple accounts. SYNTHET automatically triggers lockdown, quarantine, and account verification to protect your community.

Unauthorized Bulk Actions

Legitimate accounts misused or compromised to perform dangerous bulk operations. The threshold system detects abnormal activity patterns and alerts you immediately.

Anti-Nuke Threshold System

The anti-nuke system monitors four critical actions and triggers protective measures when thresholds are exceeded:

Channel Deletions

Tracks how many channels are deleted within a time window. If a single user or bot deletes N channels in M minutes, automatic protection triggers.

Role Deletions

Monitors role deletion rates. Role deletion is particularly dangerous as it can strip permissions from your entire moderation team instantly.

Ban Waves

Detects rapid consecutive member bans. Useful for catching compromised moderator accounts performing mass bans.

Kick Waves

Monitors rapid consecutive member kicks. Often used before deleting channels to remove witnesses.

All thresholds are configurable per time window (default: 10 minutes). You can adjust sensitivity based on your server's normal activity patterns.

Anti-Raid Quarantine & Lockdown

When a raid is detected, SYNTHET has multiple response layers:

Lockdown Mode

Instantly restricts chat and permissions across the server or specific channels. Only trusted roles can speak and perform actions. Triggered automatically when raid indicators spike.

Can be manually triggered by server admins or moderators with the capability to do so.

Quarantine System

Suspicious new accounts are automatically assigned a quarantine role that restricts permissions. They can be verified through CAPTCHA or manual review before gaining access.

Quarantine duration and role are fully customizable.

Account Age Filtering

Automatically suspect accounts created within a specific timeframe (e.g., accounts less than 24 hours old). Can trigger quarantine or verification requirements.

How Security Alerts Work

Every security event generates an alert logged to your security dashboard and sent to configured alert channels:

Who triggered it: User ID and username

What action: Channel deletion, ban wave, raid join flood, etc.

Severity level: Low, Medium, High, or Critical

What SYNTHET did: Quarantine, strip permissions, lockdown triggered, etc.

Timestamp: Exact moment of detection

Alerts are fully searchable and filterable by user, action type, severity, and date range. You can configure which alert channel receives which severity level.

Relationship to Moderation Module

Security and Moderation are complementary:

Security Module

Automatic threat detection and mitigation. Protects infrastructure (channels, roles, members). Focuses on preventing catastrophic damage.

Moderation Module

Manual and rule-based member behavior enforcement. Handles rule violations, spam, toxicity. Focuses on community standards.

Security alerts can trigger moderation actions (like auto-quarantine), and moderation logs appear alongside security events in the unified audit trail.

Dashboard Access

The Security module is located in the dashboard sidebar under Protection. From there you can:

  • Configure anti-nuke thresholds and whitelist trusted admins/bots
  • Enable/disable raid detection methods and adjust sensitivity
  • Review recent security alerts and take action
  • Manage quarantine and lockdown settings
  • Configure alert notification channels

Tip: The Security dashboard shows real-time metrics on attack attempts, quarantined users, and active lockdowns.

← Anti-Raid (Moderation)Anti-Nuke →