# Quint ## Docs - [Agents](https://quintsecurity.mintlify.app/api/agents.md): Detected AI agent registry - [Authentication](https://quintsecurity.mintlify.app/api/authentication.md): API authentication methods for the Quint cloud API - [Get Agent](https://quintsecurity.mintlify.app/api/endpoint/get-agent-detail.md): Retrieve detail for a specific detected agent. - [List Agents](https://quintsecurity.mintlify.app/api/endpoint/get-agents.md): List all AI agents detected across your fleet. - [List Deploy Tokens](https://quintsecurity.mintlify.app/api/endpoint/get-deploy-tokens.md): List all deploy tokens for your organization. Token values are not returned (only metadata). - [Get Event](https://quintsecurity.mintlify.app/api/endpoint/get-event-detail.md): Retrieve a single event by its ID. - [List Events](https://quintsecurity.mintlify.app/api/endpoint/get-events.md): List events with filtering by agent, session, action type, tool name, decision, risk range, and time range. - [Event Statistics](https://quintsecurity.mintlify.app/api/endpoint/get-events-stats.md): Get 24-hour aggregate statistics for events in your organization. - [Health Check](https://quintsecurity.mintlify.app/api/endpoint/get-health.md): Liveness check endpoint. Returns a simple status indicating whether the API service is running. No authentication required. - [Readiness Check](https://quintsecurity.mintlify.app/api/endpoint/get-ready.md): Readiness check endpoint. Confirms the API is ready to accept traffic and all dependencies are available. No authentication required. - [Session Children](https://quintsecurity.mintlify.app/api/endpoint/get-session-children.md): List child sessions spawned from a parent session. - [Get Session](https://quintsecurity.mintlify.app/api/endpoint/get-session-detail.md): Retrieve a session with its children and risk summary. - [Session Events](https://quintsecurity.mintlify.app/api/endpoint/get-session-events.md): List all events belonging to a specific session. - [List Sessions](https://quintsecurity.mintlify.app/api/endpoint/get-sessions.md): List sessions with filtering by state, platform, root_only, and since. - [Get Tenant](https://quintsecurity.mintlify.app/api/endpoint/get-tenant.md): Retrieve the current organization (tenant) details. - [Create Deploy Token](https://quintsecurity.mintlify.app/api/endpoint/post-deploy-tokens.md): Create a new deploy token for fleet enrollment. The raw token is returned only once. - [Ingest Events](https://quintsecurity.mintlify.app/api/endpoint/post-events-ingest.md): Ingest events captured by the Quint daemon. Rate-limited per organization. Used by the endpoint agent to push captured system events. - [Ingest Sessions](https://quintsecurity.mintlify.app/api/endpoint/post-sessions-ingest.md): Ingest session lifecycle events from the Quint daemon. Rate-limited per organization. - [Create Tenant](https://quintsecurity.mintlify.app/api/endpoint/post-tenant.md): Create a new organization (tenant). Typically called during onboarding. - [Events](https://quintsecurity.mintlify.app/api/events.md): Event ingestion and querying - [Health Checks](https://quintsecurity.mintlify.app/api/health.md): System health and readiness endpoints - [Justification](https://quintsecurity.mintlify.app/api/justification.md): Compliance justifications (coming soon) - [Policies](https://quintsecurity.mintlify.app/api/policies.md): Policy-based enforcement (coming soon) - [Scores](https://quintsecurity.mintlify.app/api/scores.md): Risk scoring for events - [Sessions](https://quintsecurity.mintlify.app/api/sessions.md): Session lifecycle tracking and querying - [Agent Fingerprint](https://quintsecurity.mintlify.app/behavioral/agent-fingerprint.md): The ~3.1KB probabilistic data structure that captures an agent's behavioral baseline - [Baseline Floors](https://quintsecurity.mintlify.app/behavioral/baseline-floors.md): Minimum divergence thresholds that agent learning can never lower — the anti-poisoning layer - [Behavioral Intelligence Service](https://quintsecurity.mintlify.app/behavioral/bi-service.md): The per-tenant cloud-side brain — consumes events, scores via rules, computes baselines, pushes corrections - [Confidence Bands](https://quintsecurity.mintlify.app/behavioral/confidence-bands.md): Three-state classification system that eliminates alert fatigue - [Deviation Signals](https://quintsecurity.mintlify.app/behavioral/deviation-signals.md): 6 independent statistical signals that detect behavioral anomalies - [Envelope Lifecycle](https://quintsecurity.mintlify.app/behavioral/envelope-lifecycle.md): How a behavioral envelope is born, learns, matures, evolves, and syncs across proxy instances - [Group Envelopes](https://quintsecurity.mintlify.app/behavioral/group-envelopes.md): How new agents inherit behavioral baselines from their group to eliminate cold-start noise - [ML Roadmap](https://quintsecurity.mintlify.app/behavioral/ml-roadmap.md): Stage-by-stage status of Quint's detection architecture and the triggers that advance each stage - [Behavioral Intelligence Overview](https://quintsecurity.mintlify.app/behavioral/overview.md): How Quint's edge-local behavioral engine detects anomalous AI agent actions in real time - [Probabilistic Data Structures](https://quintsecurity.mintlify.app/behavioral/probabilistic-structures.md): Bloom filters, Count-Min Sketches, and HyperLogLog — the primitives behind Quint's behavioral fingerprint - [Scoring Pipeline](https://quintsecurity.mintlify.app/behavioral/scoring-pipeline.md): The 4-gate fast-rejection architecture that evaluates every agent action - [Session Relationships](https://quintsecurity.mintlify.app/behavioral/session-relationships.md): How the proxy captures structural flow patterns within a session using fixed-size flow matrices - [Shadow Mode](https://quintsecurity.mintlify.app/behavioral/shadow-mode.md): Observe-only deployment for behavioral engine calibration - [Threat Detections](https://quintsecurity.mintlify.app/behavioral/threat-detections.md): How behavioral anomalies are persisted and resolved - [Threat Signatures](https://quintsecurity.mintlify.app/behavioral/threat-signatures.md): Known-dangerous structural shapes matched via JSD — not hardcoded capability pairs - [Changelog](https://quintsecurity.mintlify.app/changelog/overview.md): Release history and implementation progress for the Quint platform - [v0.9.0 — Behavioral Intelligence Engine](https://quintsecurity.mintlify.app/changelog/v0-9-0.md): P2-P4 complete. Behavioral scoring pipeline, multi-proxy sync, BI Service, flow-based redesign, threat signatures. - [v1.0.0 — Graph Intelligence Engine](https://quintsecurity.mintlify.app/changelog/v1-0-0.md): P5 complete. Memgraph graph database, VGAE autoencoder, GNN scoring pipeline, signature distillation, full intelligence loop. - [v1.0.3 — Session Attribution & Edge Stability](https://quintsecurity.mintlify.app/changelog/v1-0-3.md): session_id on every audit row, decoded timeline API, NE CPU watchdog fix, SSE streaming framing fix - [Auth API Reference](https://quintsecurity.mintlify.app/cloud/auth-api-reference.md): API endpoints for team management, token operations, and user preferences - [Authentication & Authorization](https://quintsecurity.mintlify.app/cloud/auth-overview.md): How Quint handles user authentication, organization provisioning, and access control - [Role-Based Access Control](https://quintsecurity.mintlify.app/cloud/auth-rbac.md): Role hierarchy, permission matrix, and enforcement rules for Quint organizations - [Token Hierarchy](https://quintsecurity.mintlify.app/cloud/auth-token-hierarchy.md): Token types, scopes, lifecycle, and security model for Quint API authentication - [Divergence Detector](https://quintsecurity.mintlify.app/cloud/divergence-detector.md): The cloud service that correlates agent intent with observed OS behavior to detect prompt injection, tool spoofing, and data exfiltration - [Entity Risk Assessment](https://quintsecurity.mintlify.app/cloud/entity-risk.md): Agent, system, and fleet-level risk scoring across all behavioral history - [Fleet Management](https://quintsecurity.mintlify.app/cloud/fleet.md): Enroll, monitor, and manage Quint daemons across your organization - [Event Ingestion](https://quintsecurity.mintlify.app/cloud/ingestion.md): How the edge daemon delivers events to the cloud — batching, overflow, SNS/SQS fan-out - [Multi-Tenancy](https://quintsecurity.mintlify.app/cloud/multi-tenancy.md): Enterprise tenant isolation with Postgres Row Level Security - [Cloud Architecture](https://quintsecurity.mintlify.app/cloud/overview.md): How events flow from the daemon through ingestion, scoring, and fleet aggregation - [Proxy RBAC & Cloud Auth](https://quintsecurity.mintlify.app/cloud/rbac.md): Deny-first access control, ES256 JWT tokens, and subagent policy narrowing - [Cloud Scoring Integration](https://quintsecurity.mintlify.app/cloud/scoring.md): Enriched event payloads, session tracking, and 4-layer score decomposition from the cloud API - [Proxy Layer](https://quintsecurity.mintlify.app/concepts/deployment-modes.md): Full agent interception — MCP gateway, SDK middleware, API event stream - [How Quint Works](https://quintsecurity.mintlify.app/concepts/how-it-works.md): End-to-end flow from agent action to cloud-scored decision — one page, every layer, every handoff - [Intent vs Truth](https://quintsecurity.mintlify.app/concepts/intent-vs-truth.md): How Quint detects AI agent attacks by correlating declared intent with observed OS behavior - [Detection Ladder](https://quintsecurity.mintlify.app/concepts/ml-ladder.md): Why Quint's detection architecture is staged from deterministic rules to graph neural networks - [Platform Coverage](https://quintsecurity.mintlify.app/concepts/platform-coverage.md): How Quint covers every surface where AI agents run — one product, multiple collectors - [System Architecture](https://quintsecurity.mintlify.app/concepts/system-design.md): Three-tier architecture: ES extension (truth), forward proxy (intent), and the cloud platform. Covers session detection, event ingestion, and the API service. - [Alerts & Triage](https://quintsecurity.mintlify.app/dashboard/alerts.md): Alert management, triage workflows, and inline actions for security investigation - [Dashboard](https://quintsecurity.mintlify.app/dashboard/architecture.md): Real-time security operations center for AI agent activity - [Fleet Management](https://quintsecurity.mintlify.app/dashboard/fleet.md): Manage devices, agents, groups, and organizational hierarchy - [Dashboard Overview](https://quintsecurity.mintlify.app/dashboard/overview.md): Navigate Quint's dashboard using the OODA-based layout: observe, investigate, manage, analyze - [Sessions](https://quintsecurity.mintlify.app/dashboard/sessions.md): Three-level drill-down into AI agent sessions: platforms, session list, and session detail - [Settings & Preferences](https://quintsecurity.mintlify.app/dashboard/settings.md): Configure theme, notifications, team management, and API tokens - [Agent Identity & Naming](https://quintsecurity.mintlify.app/edge/agent-identification.md): Auto-discovery, word-based naming, and provider-scoped identities for AI agents - [Edge Daemon](https://quintsecurity.mintlify.app/edge/daemon.md): Go daemon with forward proxy, MCP gateway, unified session tracker, and cloud forwarder - [EndpointSecurity Extension](https://quintsecurity.mintlify.app/edge/endpoint-security.md): macOS system extension — code signing detection, 9 event types, Unix socket transport to daemon - [Forward Proxy & Watch Mode](https://quintsecurity.mintlify.app/edge/forward-proxy.md): MITM TLS interception via CONNECT tunnels — monitor any AI agent with zero code changes - [Network Extension (NE)](https://quintsecurity.mintlify.app/edge/network-extension.md): Transparent interception of LLM API traffic on macOS via NETransparentProxyProvider — zero-config for end users - [Edge Architecture](https://quintsecurity.mintlify.app/edge/overview.md): Everything that runs on the user's machine — proxy, extensions, daemon, and how they share a unified session model - [Platform Detection](https://quintsecurity.mintlify.app/edge/platform-detection.md): Multi-layer agent detection — code signing, process scanning, proxy headers, and system prompt fingerprinting - [Sub-Agent Detection](https://quintsecurity.mintlify.app/edge/sub-agent-detection.md): Passive and active detection systems for identifying spawned sub-agents across CONNECT tunnels - [Action Taxonomy](https://quintsecurity.mintlify.app/graph/action-taxonomy.md): Canonical domain:scope:verb event classification with 7 domains and 150+ actions - [Compliance Ontology](https://quintsecurity.mintlify.app/graph/compliance-ontology.md): 1,948+ nodes and 1,075+ edges across 16 compliance frameworks - [Forward-Chaining Engine](https://quintsecurity.mintlify.app/graph/forward-chaining.md): 90+ inference rules across 16 compliance frameworks with agenda-based evaluation - [Graph Neural Network](https://quintsecurity.mintlify.app/graph/gnn.md): Multi-level GNN ensemble for behavioral anomaly detection — VGAE autoencoder, GAT classifier, Mahalanobis distance, and learned ensemble weights - [Memgraph Graph Database](https://quintsecurity.mintlify.app/graph/memgraph.md): In-memory graph database storing agent action graphs for GNN-based anomaly detection - [Graph Intelligence Overview](https://quintsecurity.mintlify.app/graph/overview.md): How Quint's graph-native reasoning engine scores AI agent actions - [Graph-Structured RAG](https://quintsecurity.mintlify.app/graph/rag.md): Compliance articles and mitigations retrieved from Memgraph for grounded LLM reasoning - [Scoring Algorithm](https://quintsecurity.mintlify.app/graph/scoring-algorithm.md): 4-layer composite risk scoring pipeline — Graph-to-Score - [Intelligence](https://quintsecurity.mintlify.app/intelligence/overview.md): Behavioral scoring + graph intelligence — how Quint detects, scores, and distills attack patterns - [Introduction](https://quintsecurity.mintlify.app/introduction.md): Visibility and control for every AI agent action in your organization - [Installation](https://quintsecurity.mintlify.app/operations/installation.md): Installing Quint on macOS via .pkg, approving extensions, first-run verification - [Platform Test Matrix](https://quintsecurity.mintlify.app/operations/platform-test-matrix.md): Ground-truth verification of every AI platform Quint claims to support. Aspiration vs reality. - [quint test-platforms](https://quintsecurity.mintlify.app/operations/test-platforms-cli.md): Automated harness that runs the platform test matrix against a live daemon. Replaces manual verification. - [Testing & Development](https://quintsecurity.mintlify.app/operations/testing.md): Local dev setup, test credentials, and testing workflows for the Quint platform - [Troubleshooting](https://quintsecurity.mintlify.app/operations/troubleshooting.md): Common edge-side issues and how to fix them — extension installs, daemon restarts, backpressure - [Agent Bill of Materials (AIBOM)](https://quintsecurity.mintlify.app/playbook/agent-bill-of-materials.md): Per-session audit records for every AI agent interaction. EU AI Act, NIST AI RMF, ISO 42001 aligned. - [Air-Gapped & Self-Hosted Deployment](https://quintsecurity.mintlify.app/playbook/air-gapped-deployment.md): Three-tier on-prem strategy: BYOC, connected on-prem, and true air-gap. - [Category naming](https://quintsecurity.mintlify.app/playbook/category-naming.md) - [Closed-Loop Signature Distribution](https://quintsecurity.mintlify.app/playbook/closed-loop-signatures.md): Detection to fleet-wide prevention in 30 seconds — design, format, and engineering plan - [Ide extension](https://quintsecurity.mintlify.app/playbook/ide-extension.md) - [The Playbook](https://quintsecurity.mintlify.app/playbook/overview.md): Ten ideas stolen from the best of the AI security market, filtered through Quint's thesis, and converted into shippable specs - [Quint lab ctf](https://quintsecurity.mintlify.app/playbook/quint-lab-ctf.md) - [Quint labs](https://quintsecurity.mintlify.app/playbook/quint-labs.md) - [Security graph](https://quintsecurity.mintlify.app/playbook/security-graph.md) - [Shadow AI Discovery](https://quintsecurity.mintlify.app/playbook/shadow-ai-discovery.md): Competitive landscape, design spec, and sprint plan for Quint's Shadow AI Discovery feature - [Sku packaging](https://quintsecurity.mintlify.app/playbook/sku-packaging.md) - [audit.proto](https://quintsecurity.mintlify.app/proto/audit.md): Signed, chain-linked audit log entries with Ed25519 signatures - [auth.proto](https://quintsecurity.mintlify.app/proto/auth.md): Authentication schemas — Passkey/WebAuthn, API keys, and sessions - [common.proto](https://quintsecurity.mintlify.app/proto/common.md): Shared types and enums used across all Quint services - [Protobuf Schemas](https://quintsecurity.mintlify.app/proto/overview.md): Shared contract definitions for the Quint platform - [policy.proto](https://quintsecurity.mintlify.app/proto/policy.md): Policy configuration schemas — server policies, tool rules, scoring policies - [proxy.proto](https://quintsecurity.mintlify.app/proto/proxy.md): Proxy interception schemas — intercepted messages, policy decisions, audit queries - [risk_evaluation.proto](https://quintsecurity.mintlify.app/proto/risk-evaluation.md): Risk scoring and assessment — action context, score decomposition, gRPC service - [Quickstart](https://quintsecurity.mintlify.app/quickstart.md): Get Quint running in under 5 minutes ## OpenAPI Specs - [openapi](https://quintsecurity.mintlify.app/api-reference/openapi.json) ## Optional - [GitHub](https://github.com/Quint-Security)