Skip to content

Operation

Two optional operator workflows that shape what the engine sees and how aggressively it intervenes — both come with explicit binding conditions, and neither is on by default:

  • Learning mode — observe URLs hit by a specific client / subnet / user-agent over a window, then synthesise a starter .policy document for the operator to review and apply. The canonical first-deployment baseline-discovery flow.
  • SSL inspection — three runtime modes (off, peek, bump) controlling how the engine sees encrypted traffic. bump mode performs full HTTPS decryption and requires an explicit acknowledgement of the binding legal conditions documented in the EULA.