Installing Sqreen is as simple as installing a library in your app and only takes 30 seconds. Sqreen automatically monitors the application in real-time. It doesn’t require any configuration or maintenance. There’s no better place to identify attacks than directly inside the application.
Correlating information at the lowest level of the execution, Sqreen stops attack, with a nearly invisible impact on performance. Sqreen’s unique in-app approach won't block legitimate traffic. Sqreen detects OWASP top 10 vulnerabilities like SQL injections, XSS attacks, account takeovers, shell injections etc. but also zero-day attacks.
Sqreen alerts you only on major attacks and provides actionable insights to help developers fix the vulnerabilities. An attack detail will show the source, the payload of the attack and even the complete backtrace. The dashboard gives a snapshot of all the security events in your application and helps you focus on what really matters.
- Sqreen will automatically protect applications from SQL injections, NoSQL injections, Shell & code injections, XSS attacks (reflected), Shellshock, Security bots/scanners (nessus, arachni etc.), Bad bots, Missing authentications, Bruteforce attacks and Account takeovers. Sqreen also covers unknown vulnerabilities.
- The agent is not dependent on the availability of Sqreen’s servers. Once a process is started and has been able to login to Sqreen, it will keep your app protected at any time upon termination.
- Being inside an application gives several advantages. First, Sqreen won’t need any complex installation, configuration or maintenance of rules. Second, Sqreen can block unknown vulnerabilities (zero day) as it uses app logic instead of patterns. Being inside the app allows Sqreen to only block attacks and not legitimate traffic. Finally, Sqreen can provide actionable insights (Full Backtrace, Attack Payload, etc.) on the performed attacks.
- Sqreen’s agent CPU usage is kept under a 5% threshold. Many operations we perform are run in a low priority, asynchronous way to ensure your user requests are processed first. Many Sqreen users run high traffic websites, serving dozens of thousands of requests per minute. Bandwidth overhead - Attacks information captured by the Sqreen agent is kept very low, and sent in batches to minimize the network overhead on your application.
- Sqreen works from inside your application, and does not redirect any of your traffic. Thus, Sqreen introduces no network overhead.
- We strive to keep memory overhead as low as possible, by storing as little information as is necessary.
- CDNs (Content Delivery Network) and Sqreen are complementary. While CDNs protect apps from Distributed Denial of Service, Sqreen will be able to protect you from the most widely performed attacks that target vulnerabilities directly in your code or third party libraries.
- Sqreen is context-aware, and no configuration or maintenance will be necessary after installing Sqreen. Sqreen can update its security logic in real-time.