Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.lintliot.com/llms.txt

Use this file to discover all available pages before exploring further.

Every LintLiot app on the Pro plan or above gets a public Security Certificate page — a hosted, always-current view of your app’s security posture that anyone can read without logging in. When an enterprise prospect asks “how do you handle security?”, you send them this link instead of writing a three-page questionnaire response.

Your verify page

Your certificate lives at: 
https://lintliot.com/verify/[your-app-slug]
The page displays:
  • Your current Security Score (0–100) with the corresponding band color
  • The last scan date — when LintLiot most recently evaluated your app
  • Your active protections — WAF, rate limiting, bot detection, IP intelligence, anomaly detection, and any additional modules you’ve enabled (such as field-level encryption or compliance monitoring)
  • Compliance framework status — each framework you’ve configured (SOC 2, GDPR, HIPAA, PCI-DSS, ISO 27001) with pass rate and number of passing controls
  • A “Verified by LintLiot” badge
The page requires no authentication to view. It’s cached at the edge with a 60-second TTL, so it’s fast anywhere in the world and stays current within a minute of any score change.

Finding your app slug

Your slug is derived from your app name — lowercased and hyphenated. For example, an app named “My SaaS App” gets the slug my-saas-app. To confirm your slug or set a custom app name:
1

Open Settings

Click Settings at the bottom of the sidebar.
2

Go to App settings

Select the App settings tab. Your current app name is shown here — your slug is generated from this name automatically.
3

Rename if needed

If you want a cleaner slug (for example acme instead of acme-app-v2), update your app name here. The verify URL updates immediately.

The “Secured by LintLiot” badge

The badge is an SVG image that displays your live Security Score and links to your verify page. Drop it anywhere — a GitHub README, a landing page footer, a status page. 
<a href="https://lintliot.com/verify/myapp">
  <img src="https://lintliot.com/badge/myapp.svg" alt="Secured by LintLiot" width="180" />
</a>
Replace myapp with your actual app slug. The badge image renders like this: 
┌────────────────────────────────────┐
│  Secured by LintLiot      94/100   │
└────────────────────────────────────┘
The score on the right side updates automatically — the SVG is regenerated on each request and cached at the edge for 5 minutes. Score color matches the band: green for Excellent, blue for Good, yellow for Fair, orange for Poor, red for Critical.
The 5-minute badge cache means there can be a short lag between a score change and the badge updating in places where it’s already been loaded. The verify page itself refreshes within 60 seconds.

Where to use it

When a large company asks for a security questionnaire or wants evidence of controls, paste your verify URL directly into the email. The page shows your score, active protections, and compliance framework pass rates — answering most standard security questionnaires in one link.
“Here’s our security posture: lintliot.com/verify/myapp — SOC 2 controls passing, 94/100 score, no open critical findings.”
Add the verify link or an embedded screenshot to your security slide. It demonstrates that you take security seriously and have tooling to prove it — not just a checkbox statement.
Embed the badge in your site’s footer or a “Security” section. Visitors and potential customers can click through to verify the claim independently, which makes it more credible than a logo or text assertion.
Add the badge to your repository README alongside your CI status badge and license badge. It’s particularly useful for open-source projects or developer tools where security posture affects adoption decisions.
[![Secured by LintLiot](https://lintliot.com/badge/myapp.svg)](https://lintliot.com/verify/myapp)

Plan availability

The Security Certificate page and badge are available on the Pro plan and above. On the Free plan, the verify URL and badge endpoint still resolve — so if you receive a shared link you can still view another app’s certificate — but you cannot generate or configure your own certificate page until you upgrade.
Your Security Score needs to be in a reasonable band for the certificate to work in your favor. If your score is in the Poor or Critical range, fix the highest-weight issues first (open critical findings, failed compliance controls) before sharing the link. See Understanding your Security Score for a step-by-step improvement guide.