How Sqreen Works

95.4,261.3 95.5,261.3 95.4,261.5 202.7,290.6 310,261.5 309.9,261.3 310,261.3 "/>
  • 1

    In-App Agent

    Installing Sqreen is as simple as installing a library in your app and only takes 30 seconds. Sqreen automatically monitors the application in real-time. It doesn’t require any configuration or maintenance. There’s no better place to identify attacks than directly inside the application.

  • 2

    Sqreen Protection Power

    Correlating information at the lowest level of the execution, Sqreen stops attack, with a nearly invisible impact on performance. Sqreen’s unique in-app approach won't block legitimate traffic. Sqreen detects OWASP top 10 vulnerabilities like SQL injections, XSS attacks, account takeovers, shell injections etc. but also zero-day attacks.

  • 3

    Monitoring and Action

    Sqreen alerts you only on major attacks and provides actionable insights to help developers fix the vulnerabilities. An attack detail will show the source, the payload of the attack and even the complete backtrace. The dashboard gives a snapshot of all the security events in your application and helps you focus on what really matters.


Attacks protected

- Sqreen will automatically protect applications from SQL injections, NoSQL injections, Shell & code injections, XSS attacks (reflected), Shellshock, Security bots/scanners (nessus, arachni etc.), Bad bots, Missing authentications, Bruteforce attacks and Account takeovers. Sqreen also covers unknown vulnerabilities.

No dependency on Sqreen

- The agent is not dependent on the availability of Sqreen’s servers. Once a process is started and has been able to login to Sqreen, it will keep your app protected at any time upon termination.

Sqreen vs. standard WAF (Web Application Firewall)

- Being inside an application gives several advantages. First, Sqreen won’t need any complex installation, configuration or maintenance of rules. Second, Sqreen can block unknown vulnerabilities (zero day) as it uses app logic instead of patterns. Being inside the app allows Sqreen to only block attacks and not legitimate traffic. Finally, Sqreen can provide actionable insights (Full Backtrace, Attack Payload, etc.) on the performed attacks.

Minimal CPU overhead

- Sqreen’s agent CPU usage is kept under a 5% threshold. Many operations we perform are run in a low priority, asynchronous way to ensure your user requests are processed first. Many Sqreen users run high traffic websites, serving dozens of thousands of requests per minute. Bandwidth overhead - Attacks information captured by the Sqreen agent is kept very low, and sent in batches to minimize the network overhead on your application.

Network overhead

- Sqreen works from inside your application, and does not redirect any of your traffic. Thus, Sqreen introduces no network overhead.

Memory overhead

- We strive to keep memory overhead as low as possible, by storing as little information as is necessary.

Sqreen vs. CDN

- CDNs (Content Delivery Network) and Sqreen are complementary. While CDNs protect apps from Distributed Denial of Service, Sqreen will be able to protect you from the most widely performed attacks that target vulnerabilities directly in your code or third party libraries.

No configuration or maintenance

- Sqreen is context-aware, and no configuration or maintenance will be necessary after installing Sqreen. Sqreen can update its security logic in real-time.