Security Plugins Hub

Bring your software development workflows to security

MySQL

MySQL data exfiltration

Enterprise

Signals & Triggers

On MySQL database access
If unusual high volume of outbound data

Actions

  • Block the HTTP request Block the HTTP request

Notifications

  • Send an email to all team members Send an email to all team members
  • Send a Slack notification. Send a Slack notification.
  • POST to your Webhook. POST to your Webhook.
  • Send to New Relic Insights. Send to New Relic Insights.

Details

Data exfiltration or data leaks are one of the most harmful categories of attack a business can experience. This plugin prevents data leaks by monitoring unusual volumes of data coming out of a database by application route.

In order to define the traffic baseline, this plugin will learn over several days before starting to alert. On top of that, you can define volume thresholds per application route.

Advanced details

On database requests, this plugin watches SQL queries executed by the database from the application and monitors the size of outbound data per IP or UserID (when Sqreen SDK is installed).

If the amount of data exceeds a triggering volume (threshold) or varies in an unusual way compared to the regular traffic, an attack will trigger.

No traffic redirection is made, the data analysis is performed within the application.

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen

Signals
  • Volume of outbound data

On attack
  • Request volume
  • Attacker IP
  • Attacker account (with Sqreen SDK)

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Node.js
  • Ruby
  • PHP
  • Python
  • Java
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

 

// This should be the first line of your app

require('sqreen');

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" > config/sqreen.yml

$ curl -s https://download.sqreen.io/php/install.sh > sqreen-install.sh && bash sqreen-install.sh your token

$ pip install sqreen

$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

 

# Insert at the top of your app file (typically wsgi.py or app.py)

import sqreen

sqreen.start()

$ curl https://download.sqreen.io/java/sqreen-.jar -o sqreen.jar

 

// Add JVM startup options:

-javaagent:/path/to/sqreen.jar -Dsqreen.token={{your token}}

Build amazing products. Keep them safe.

3 min installation · Try all features for 14 days · No credit card required Sign up Request demo