Web application security: check one of your 2017 resolutions today
2017 is off to a great start and like most engineers, your list of new year’s resolutions probably contains:
- Improve your code coverage
- Clean your technical debt
- Improve your regression testing
What about your application security? Not a single day without a headline in the press about a major security breach. Last year proved to be one of the worst years in terms of cyber security.
Technical debt for security is not different from quality technical debt. If your app isn’t tested properly your app will misbehave, crash or have performance impacts. If security is left behind, it will have similar devastating consequences: data exfiltration, server compromising, etc.
The kind of vulnerabilities that your application can encounter can be of:
- Common vulnerabilities: part of the OWASP Top-10 vulnerabilities like SQL injections, Cross-site scripting (XSS), shell injections, code injections)
- User related: account takeovers, account fraud etc.
Taking care of application security should be part of your new year’s resolutions.
Our core mission at Sqreen is to help developers protect their applications without the hassle against those security threats. Installing Sqreen only takes a couple of minutes. It will protect your application against all types of attacks targeting your application or users and help you identify attackers early.
Because checking one of your resolution for 2017 shouldn’t be that complicated. Here is what Sqreen brings to the table in terms of application security for 2017:
Powerful Application Protection
Sqreen will automatically block:
- OWASP top ten attacks
- Zero-day exploits
- Security Bots and Scanners
All of this with minimal impact on performance and no false positives.
Identify Attackers Early
Detect suspicious user activities like Tor connections, geolocation anomalies etc. and link them to attacks triggered in your application to identify attackers before it’s too late.
Protect your users and customers
Identify attacks or security events targeting your users: account takeovers, login brute force, geolocation anomalies, lost passwords, fake account creation etc.
Focus on what matters
Don’t spend hours on a raw logs. Sqreen’s Pulses bring a layer of intelligence on top of security events triggered inside your apps. You will only be notified about major attacks and suspicious user activities when your attention is required. Receive actionable information on every event to keep your app and users safe.
Pulses are sent when security events could have a real impact on your app. You can get them on a dedicated security channel in Slack for instance.
Here is an example of Pulse:
- An attacker created an account on your app one month ago.
- The attacker started to use the app legitimately for a few weeks.
- After a while, some connections started to come from the TOR network. This information is not symptomatic of an attack by itself.
- Then, several security scans started to be performed, as well as internal exceptions, related to security, triggered in your app.
You will get notified with a Pulse containing:
- The source(s) of the attack. The threat can come from a single attacker or a distributed network
- The activity timeline of the Pulse, referencing technical details about the issue
- The user account(s) associated to the Pulse
- And – if applicable – the stack traces to the vulnerabilities identified in your code
Pulses can be triggered when attackers perform critical attacks against your application (SQL Injections, cross-site scripting attacks, …), when significant security activity is detected (massive security scans), when new vulnerabilities are discovered in your app dependencies, if a peak of security exceptions is detected in your apps, etc.
Install in minutes
Installing Sqreen only takes a couple of minutes. It gets installed as a standard module in your application. It doesn’t require any configuration or maintenance.
Integrate with the tools you love
Get Slack notifications about major security threats targeting your application.
Integrate with New Relic Insights to centralize your metrics:
and of course (…) webhooks and emails.
Signup today on Sqreen to check one of your resolution and take care of your application security in just a couple of clicks.