Skip to content

Reference

User Guide

Screen-by-screen reference for every Bleep application

Bleep Individual is a standalone desktop app for personal use. It uses DNS redirect to intercept and inspect AI traffic for sensitive data — no server, proxy configuration, or IT infrastructure required. All violation data, policies, and configuration are stored in a local SQLite database on your machine — nothing is sent to the cloud.

Setup wizard

On first launch, a guided wizard walks you through initial configuration. You can re-run it from Settings at any time.

  1. Welcome — overview of what Bleep does and how it works.
  2. License — sign in with your email (sends a one-time code) or enter a license key directly. Your plan and seat info are displayed after validation.
  3. Certificate — installs a local CA certificate so Bleep can inspect HTTPS traffic to AI services. You'll be prompted by your OS to trust the certificate.
  4. DNS protection — installs and starts the Bleep DNS redirect service. Your system DNS is set to 127.0.0.1, and AI domains are resolved to a local address for TLS interception. No proxy or port configuration needed.
  5. Health check — verifies license, certificate, DNS service, internet connectivity, and protection status. All five checks must pass.
  6. Done — setup complete. Bleep starts protecting immediately.

Header controls

The top bar is always visible and shows your protection status.

  • Protection toggle — enables or disables traffic inspection. When off, traffic passes through without scanning.
  • Mode selector — switch between Warning (caps all actions at Warn — nothing is blocked or redacted) and Enforcing (policies apply as configured).
  • Alerts bell — shows the count of recent violations. Click to see the violations list.

Overview

The default screen after setup. Shows a summary of your protection activity across all sources — browsers, MCP servers, IDE agents, and CLI tools.

  • Stats cards — total violations, violations by severity, and violations by category.
  • Timeframe selector — filter stats by Last Hour, 24h, 7 Days, 30 Days, or All Time.
  • Charts — bar chart of violations by severity, and bar chart of violations by category.
  • Connection status — shows license plan, DNS service status, and whether protection is active.
  • Recent violations — the last 5 violations with timestamp, pattern name, severity, and action taken.

Violations

A full log of every detection event.

  • Filters — filter by severity (Low, Medium, High, Critical), action (Logged, Warned, Redacted, Blocked), or search by pattern name.
  • Violations table — each row shows timestamp, pattern name, severity badge, destination domain, direction (request/response), and the action that was taken.
  • Detail view — click a violation to see the redacted preview (the actual sensitive content is never stored), matched pattern, and full request metadata.
  • Export — export violations as CSV, JSON, or PDF for compliance records.

Policies

Configure what Bleep detects and how it responds. The Policies screen has several sub-sections:

Test scanner

Paste any text to test it against your current detection patterns. Results show which patterns match, their severity, and what action would be taken.

Blocklist

Add exact values (strings) that should always be detected — click "+ Add Blocklist Item" to add one. Enter a label, category, severity, and the value to match. Values are encrypted at rest and never shown in full. When a blocklist value is found in a request, it triggers a violation just like a pattern match. Useful for known sensitive values like specific API keys, passwords, or internal project names.

Detection patterns

Bleep ships with 6 built-in patterns (OpenAI API Key, Anthropic API Key, AWS Access Key ID, AWS Secret Access Key, Stripe Secret Key, Google API Key — all severity High). You can add custom patterns with a name, regex, severity level, and optional tags.

Policy rules

Rules determine the action taken when a pattern matches. Each rule specifies a condition (severity level, tags, or destination category) and an action (Log, Warn, Redact, or Block). Rules are evaluated by priority: Block > Redact > Warn > Log.

Destinations

A dedicated tab for managing the AI service domains that Bleep monitors.

  • Destination categories — domains are organized into 17 categories (AI Chatbots, AI Coding, AI APIs, etc.). Enable or disable entire categories with a toggle.
  • Add destination — create custom destination categories for internal AI tools with a name, description, risk level, and list of domains.
  • Edit / Delete — modify or remove custom destinations. Built-in destinations can be toggled but not deleted.
  • Auto-update — the built-in domain list updates automatically from the cloud and merges with your customizations.

Settings

  • Notifications — toggle desktop notifications for violations (enabled by default), set the minimum severity level to trigger notifications, and configure a cooldown period between alerts to avoid spam.
  • Appearance — light or dark theme.
  • Scan body size limit — set the maximum request/response body size that Bleep will scan (default: 10 MB). Larger bodies are passed through without inspection.
  • Software Updates — check for app updates and install them. Bleep checks for updates automatically in the background.
  • Account — view your license details (plan, email, status). Use Change License Key to switch licenses, or Revalidate to re-check your current license with the cloud.
  • Re-run setup wizard — start the setup wizard again to reconfigure license or certificate.

License & instance binding

Your license is bound to the device where it was first activated. If you move to a new machine:

  • Instance conflict — when you sign in on a new device, Bleep detects that the license is bound elsewhere and shows a conflict screen with details about the currently bound device.
  • Move License to This Device — click this button to transfer the license. The old device is automatically deactivated and the new device takes over. No need to contact support.

System tray & always-on protection

Bleep runs continuously in your system tray (Windows) or menu bar (macOS), similar to a VPN client. The DNS redirect service stays active even when the window is closed — closing the window or clicking Quit in the tray menu simply hides the window while protection remains on.

  • Show / Hide — right-click the tray icon to show or hide the window. Left-click to bring it back.
  • Quit — hides the window to the tray. The DNS service keeps running and your traffic stays protected.
  • Shut Down & Exit — fully stops the DNS redirect service and exits the app. A confirmation dialog appears first, then Bleep restores your original DNS settings before closing.

Bleep auto-starts on login so protection is always active. If the app is force-killed or crashes, it automatically restores DNS settings on the next launch.

Best PracticesTroubleshooting
Ask me