CF Guard Desk docs, quickstart, and troubleshooting.
Use these guides when you need install help, Cloudflare connection setup, scan-profile guidance, findings interpretation, export behavior, or release and troubleshooting detail.
Start with the desktop trial. Keep the evidence local.
Every public build starts with 7 days of full access. Pricing, rollout state, and public docs are meant to stay honest even when every commerce or CDN path is not yet fully wired.
- App version from the About panel
- Operating system and whether this is a release build or source build
- Exact repro steps and the expected result
- Actual result with screenshot or recording where relevant
The shortest reliable path to a working CF Guard Desk workflow.
Follow this sequence instead of hopping between pages. It gets a new evaluator from product context to first audit with the least confusion.
Understand the current product surface first
Start with the product overview for positioning, capability surface, buyer fit, and the local-first evidence model.
Open stepMove from install to first working audit
Quickstart covers vault setup, connection validation, zone discovery, first scan, and first findings review.
Open stepUse the right Windows, macOS, or Linux path
Platform notes cover staged rollout, packaging status, and local build prerequisites across desktop targets.
Open stepKnow the vault and license rules before rollout
Security, vault, and licensing explains local storage, safe probes, offline grace, and visible license-state handling.
Open stepDesktop platform guidance is explicit about rollout state and support posture.
The docs separate public release state from runtime behavior so the site can talk about Windows, macOS, and Linux honestly without implying more than the artifacts support.
The site does not need to pretend every platform is equally live. It needs to explain current state clearly enough that buyers and testers know what is ready now.
Windows
- First verified public release target
- Owner builds already exist
- Early-access installer warnings may still apply
macOS
- Public rollout is staged behind a proper macOS build host
- Signing and notarization still matter before broad release
- Documented visibility is not the same as public artifact readiness
Linux
- Public packaging remains staged
- Desktop runtime dependencies must be validated before release
- The site keeps platform status honest rather than implying unsupported readiness
Find the guide by the job you are actually doing.
The product is not one screen. The docs are organized around real operator tasks: connection setup, scan execution, dashboard review, findings, history, and release work.
Open the guide for the task in front of you instead of skimming every page and hoping the right answer is somewhere in the middle.
Set up workspaces and Cloudflare connections cleanly
Workspace boundaries, token validation, capability checks, and zone discovery.
Open guideRun the scan profile that fits the question
Quick Scan, Full Audit, Focused Rescan, and coverage-aware interpretation of results.
Open guideUse the dashboard and analytics correctly
How posture score, pressure indicators, and zone prioritization are meant to guide action.
Open guideUnderstand findings, scoring, and suppressions
Severity, confidence, cross-signal risk, notes, policies, and suppressions.
Open guideExport history and evidence
Markdown, JSON, drift, history, and diagnostics boundaries.
Open guideBuild and release safely
Desktop packaging, verification, and Cloudflare Pages deployment expectations.
Open guideCommon rollout and coverage issues have dedicated entry points.
The docs are meant to cut through the first-line confusion quickly: token scope, coverage gaps, staged platform rollout, or incorrect expectations about the output.
A useful docs hub routes users to the right diagnostic path first. It does not ask support to sort setup drift from real defects by hand.
Expected zones are missing
Check token scope, account alignment, and workspace context before assuming the issue is rendering-related.
Open pathThe scan looks too thin
Interpret visibility gaps and scan depth before treating partial coverage as a product defect.
Open pathDashboard and findings feel disconnected
Use the dashboard for prioritization and the findings explorer for remediation detail, notes, and status.
Open pathThe rollout state is confusing
Read platform and release docs to separate staged public delivery from actual runtime behavior.
Open pathGetting Started
3 article(s)
Product overview
Understand what CF Guard Desk is, who it is for, which posture surfaces it covers, and how the local-first workflow differs from a SaaS security console.
- Product positioning and buyer fit
- Current capability surface
- Plan summary and staged launch notes
Quickstart
Go from installer to first Cloudflare audit with the shortest safe path: vault setup, token validation, zone discovery, scan execution, and findings review.
- Installer path and first launch
- Vault setup
- Cloudflare connection validation
Platform setup and environment notes
Release artifacts, platform support boundaries, local build requirements, and the OS-specific behavior that affects install, packaging, or runtime.
- Windows-first rollout notes
- macOS and Linux staging expectations
- Local build prerequisites
Operations
6 article(s)
Workspaces and Cloudflare connections
How workspace boundaries, token validation, capability inspection, and zone discovery are supposed to work in the current product.
- Workspace boundaries
- Connection validation and capability checks
- Zone discovery expectations
Scan profiles and zone coverage
How Quick Scan, Full Audit, and Focused Rescan differ, and how zone-level visibility and safe probes affect the scan result.
- Quick Scan, Full Audit, and Focused Rescan intent
- Zone selection and scope
- Safe probes and public-edge verification
Dashboard and analytics surfaces
What the dashboard is intended to show, how analytics fits into the product, and how to interpret posture, pressure, and trend indicators.
- Posture score interpretation
- Zone risk and pressure indicators
- Analytics role in the current product
Findings and posture scoring
How the current finding taxonomy works, how severity and confidence differ, and why reproducibility matters for later review.
- Current finding families
- Severity and confidence model
- Cross-signal risk rationale
Policies and suppressions
How policy packs, premium rules, suppression workflow, and operator intent should work together in the current product.
- Suppression workflow intent
- Why notes matter
- Plan-linked policy surface
Exports and history
How markdown and JSON exports, local history, and evidence preservation work in the current desktop product.
- Markdown and JSON export intent
- Local history and drift tracking
- Diagnostics boundaries
Security
1 article(s)
Security, vault, and licensing
Review the current local security model, safe probes, secret storage, desktop telemetry posture, and the v1 licensing behavior.
- Vault model and secret storage
- Safe probe boundaries
- Desktop telemetry posture
Release Engineering
1 article(s)
Build, packaging, and release workflow
Local desktop build commands, verification steps, website build expectations, and the release hygiene required for staged public distribution.
- Desktop commands
- Minimum verification gates
- Website build and Cloudflare Pages expectations
Support
1 article(s)
Troubleshooting
First-line fixes for missing zones, token scope gaps, partial visibility, build issues, and public-download or install problems.
- Token and capability diagnosis
- Zone and scan coverage issues
- Build and packaging issues