# LiteSOC — How It Works > Application-level security that works like a CCTV inside your house, not just a fence around it. Setup in 2 minutes. - **Website:** https://litesoc.io/how-it-works ## The Analogy | Layer | Tool | What It Does | |---|---|---| | Network-level (fence outside) | Cloudflare, WAF | Stops strangers from getting into your property. Blocks bots, DDoS attacks, and known bad actors before they reach your door. | | Application-level (CCTV inside) | LiteSOC | Watches what happens after someone walks through the front door. Records who came in, what they touched, and alerts you if someone starts acting suspiciously — even if they had a key. | ## Setup Steps ### Step 1: Create your free account Sign up at litesoc.io. It takes less than a minute. No credit card needed. You will get an API key immediately — that is the only thing you need to connect your app. ### Step 2: Place the API call at the right spots in your app LiteSOC is not just a login monitor. For full coverage, you call the API at different sensitive points in your app: ```typescript // 1. After login (auth events) await litesoc.track({ event: 'auth.login', userId: user.id }); // 2. In your Admin Panel (privilege escalation events) await litesoc.track({ event: 'authz.role_change', userId: user.id, metadata: { from: 'viewer', to: 'admin' } }); // 3. In Data Management (bulk delete / export events) await litesoc.track({ event: 'data.bulk_delete', userId: user.id, metadata: { recordCount: 500, table: 'customers' } }); // 4. In Account Settings (password & MFA change events) await litesoc.track({ event: 'auth.password_change', userId: user.id }); await litesoc.track({ event: 'auth.mfa_enabled', userId: user.id }); ``` ### Step 3: LiteSOC watches what happens inside your app Every time someone logs in, accesses a resource, or performs a sensitive action, LiteSOC records it. It automatically enriches each event with the user's location, device, IP risk score, and whether they are using a VPN or Tor. ### Step 4: Get alerted the moment something suspicious happens If LiteSOC detects unusual behaviour — like a user logging in from two different countries within an hour, or multiple failed login attempts — it sends you an instant alert via Slack, email, or webhook. ## Frequently Asked Questions **Q: Is LiteSOC like Cloudflare?** No. Cloudflare is a fence around your house. It protects your server from attacks before they reach your app. LiteSOC is a CCTV inside the house. It watches what happens after someone gets in. You ideally want both. **Q: What does 'application-level security' mean?** It means LiteSOC works inside your app, not at the network level. Instead of looking at raw network traffic, it tracks real user actions — logins, data access, account changes — with full context about who did what, when, and from where. **Q: Do I need to be a security expert to use this?** Not at all. LiteSOC is designed for developers and founders, not security teams. You add one line of code after your login check, connect your Slack, and you are done. **Q: Will it slow down my app?** No. LiteSOC sends events in the background asynchronously. The average latency added is less than 50ms, and it does not block your app from responding. **Q: What is 'impossible travel'?** Impossible travel is when the same account logs in from two locations that are physically impossible to travel between in the time gap between logins. For example: logged in from Kuala Lumpur at 9am, then from London at 9:05am. **Q: Does it work with Supabase, Firebase, or Auth0?** Yes. LiteSOC has native integrations with Supabase Auth, Auth0, Firebase Auth, Clerk, and NextAuth.js. Setup takes under 2 minutes.