Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.lintliot.com/llms.txt

Use this file to discover all available pages before exploring further.

The LintLiot dashboard is where every protection layer surfaces as a single, readable view of your app’s security. You don’t need to understand firewalls, WAF rules, or compliance controls to use it — each page answers one plain-English question, and your Security Score tells you at a glance whether everything is healthy.

Pages at a glance

The sidebar organizes pages into two groups: primary pages you’ll visit regularly, and advanced tools you can expand when you need them.

Overview

“Is my app healthy right now?” Your Security Score, recent event counts, module status, and a live feed of incoming requests — all in one place.

Scanner

“What vulnerabilities are in my code?” Every finding from your most recent code scan, sorted by severity, with inline remediation suggestions.

Shield

“What attacks are being blocked?” The WAF, bot detection, and rate limiter log every blocked request here, with attack type and origin country.

Permissions

“Who has access to what?” Role assignments, recent permission denials, and automatic admin-route protection status for your app.

Vault

“What data is encrypted?” The fields you’ve protected with field-level encryption, key rotation history, and coverage percentage.

Monitor

“What’s happening right now?” Real-time threat feed, traffic trend chart, attack pattern breakdown, and the Emergency Lockdown button.

Intelligence

“What patterns are emerging?” Cross-event analysis, threat actor profiles, 24-hour and 7-day trend comparisons, and CVE alerts for your dependencies.

Compliance

“Can I pass a security audit?” Control status across SOC 2, GDPR, HIPAA, PCI-DSS, and ISO 27001 — plus one-click PDF generation.

Pentest

“What runtime vulnerabilities exist?” Dynamic scan results against your live endpoints, mapped to OWASP Top 10 categories.

Route Sensitivity

“Are sensitive routes protected?” The automatic and custom protection rules applied to admin, payment, export, and other sensitive path patterns.

Incidents

“What security incidents occurred?” A chronological list of confirmed incidents — brute force attempts, impossible travel events, credential stuffing — with severity and response status.

Forensics

“Investigate specific events.” Deep-dive into any individual event: full payload, geo enrichment, session fingerprint, and the compliance controls it maps to.
Settings lives at the bottom of the sidebar. This is where you manage your API key, configure alert channels, set your app slug for the Security Certificate, and control which modules are active.

Live data via SSE

Every page that shows event data receives updates through a persistent Server-Sent Events (SSE) stream from the API. You don’t need to refresh — new events appear within 500 ms of LintLiot detecting them. A small colored dot in the top-right of the Monitor page shows whether the stream is connected (Live) or reconnecting.
The SSE stream only carries events for the app currently selected in the sidebar app selector. If you have multiple apps, switch between them using the dropdown to see each app’s live feed.

When you first connect

Before your SDK sends its first request, the dashboard uses a neutral “not connected” state rather than showing errors. You’ll see:
  • A dashed circle outline with a shield icon where your Security Score will appear, with the hint “Awaiting connection”
  • Stat cards showing dashes with a “no data yet” micro-label
  • A blue (not red) banner: “Connect your SDK to start seeing real data”
These placeholders are intentional — they signal that the dashboard is ready and waiting, not that something is broken. Once your app receives its first request, the score and stats populate automatically.

Learning mode progress

After your SDK connects, LintLiot enters a 7-day passive observation window to build behavioral baselines specific to your app. During this time, the Overview page shows a progress banner: 
LintLiot is learning your app's normal behavior

Day 4 of 7  ████████████░░░░░░░░  57% complete

Traffic patterns:     ✓ Learned
Geographic patterns:  ✓ Learned
User behavior:        ⟳ Learning...
Auth patterns:        ⟳ Learning...
Data access:          ○ Pending

Your app is still protected by standard rules.
Personalized protection activates on Day 8.
Each baseline tracks a different dimension of your app’s traffic. Once all five are complete, you’ll receive an email and a dashboard notification prompting you to enable enforcement mode with a single button press.
Your app is protected by standard WAF rules, rate limiting, and bot detection throughout the learning phase — you’re never unprotected. Learning mode simply means personalized, baseline-relative thresholds aren’t active yet.
Your Security Score shows a -10 penalty while learning mode is active. This is by design — it reflects that tailored enforcement isn’t enabled yet. The score rises when you press Enable Protection on Day 8.

Security Score

How your 0–100 score is calculated and how to improve it.

Emergency Lockdown

Make your app read-only instantly during an active attack.

Security Certificate

Share your security posture publicly with the verify page and badge.