User Manual

User Manual – AT-AT: API Threat Assessment Tool

Welcome to the AT-AT User Manual. This guide will walk you through the core features and interface of AT-AT, a platform designed to assess, monitor, and improve the security of your APIs based on OWASP standards. The images are all in dark mode, as that's what we designed the website around.

Landing Page

This is the public-facing page. It includes:

  • A summary of what AT-AT does
  • A CTA to Join Beta Program
  • Visual stats on APIs scanned, last scan, and vulnerabilities
  • Quick access to Learn More

Ideal for newcomers wanting to understand the platform.

Login

Existing users can log in using:

  • Email or username
  • Password

Additional options:

  • Forgot Password
  • Switch to Light/Dark mode

Sign Up

New users can create an account by:

  • Signing in with Google
  • Filling out: First Name, Last Name, Email, Username, Password

Home

After logging in, users are greeted by:

  • Welcome message
  • Buttons to Start Security Scan and View Reports
  • Summary of API scanning mission and branding

Dashboard

The Dashboard provides:

  • Quick stats: Total APIs, Scans This Month, Security Score, Critical Alerts
  • Call-to-action buttons for Start New Scan and View Reports
  • Access to quick scan configuration

Scan In Progress

During an active scan:

  • Users see current phase (e.g., Authentication Testing)
  • Real-time logs
  • Vulnerabilities found with severity indicators
  • Progress bar and scan metadata

Scan Report

After a scan is complete:

  • Users see the Overall Security Score
  • Test profile and scan metadata
  • Summary and categorization of issues
  • Expandable Detailed Findings

API Management

From here, users can:

  • Add a new API manually
  • Import API specs
  • Access centralized API operations

API Endpoints

Displays all APIs with:

  • URL and description
  • Scan count, last scanned date
  • Options to Scan, Edit, Delete, and View Endpoints

Endpoint Details

Upon clicking Endpoints, users can:

  • View all paths and methods for an API
  • Inspect path summaries
  • Access advanced tag operations

Endpoint Tags

Features include:

  • Add/Remove/Replace tags on endpoints
  • View endpoint metadata
  • View details of each operation
  • Frontend-based tagging with buttons

Public Templates

Browse pre-defined security scan templates:

  • Shows total templates, new this month, and usage stats
  • Each template can be reused for faster scans

Account Settings

Manage account configurations:

  • Security preferences
  • Notification settings
  • Profile data

AT-AT combines advanced vulnerability scanning with a user-friendly interface. With customizable tagging, real-time logs, and detailed reporting, teams can quickly identify, prioritize, and mitigate API security issues.