Security Hub

Bring your software development workflows to security

logo-failed-auth

Suspicious rise of login failures

Signals & Triggers

On peak of failed authentications

Actions

  • Send a slack notification Send a Slack notification
  • Send an email notification Send an email notification
  • POST to webhook

Details

A significant volume of failed logins has been detected on one or multiple accounts. It does not necessarily means that an attack is being performed, but something unusual is happening in your application.

This is the default incident category when Sqreen cannot qualify more precisely the scheme of attacks targeting user accounts.

Advanced details

Sqreen SDK enables you to track all login activities happening in your app.

Every minute Sqreen computes the signals and look for unusual failed login tentatives distributed over one or multiple accounts.

The signals computation happens on Sqreen’s backend based on the signals collected on all the instances of your applications. This collection happens asynchronously and is not slowing down your application performance.

Sqreen associates an authentication to a user account. You can choose what data is sent to Sqreen: email, userID etc. No other sensitive data is collected.

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen

Signals
  • Authentications (Sqreen SDK)

On attack

The peak is detected from recent authentication data.

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Node.js
  • Ruby
  • PHP
  • Python
  • Java
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

 

// This should be the first line of your app

require('sqreen');

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" >> config/sqreen.yml

$ curl -s https://8dc0b36f0ea6f2f21b721765e10a7e02768cd1825b4551f4:@packagecloud.io/install/repositories/sqreen/sqreen/script.deb.sh | bash

$ apt-get install --no-install-recommends sqreen-agent sqreen-php-extension

$ /usr/lib/sqreen/sqreen-installer config {your token}

$ pip install sqreen

$ echo -e '[sqreen]\ntoken: your token' >> sqreen.ini

 

# Insert at the top of your app file (typically wsgi.py or app.py)

import sqreen

sqreen.start()

$ curl https://download.sqreen.io/java/sqreen-latest-all.jar -o sqreen-latest-all.jar

 

// Next, edit the JVM startup file:

-javaagent:/path/to/sqreen-agent.jar -Dsqreen.token={{your token}}

Build amazing products. Keep them safe.

3 min installation · Try all features for 7 days · No credit card required Get started Request demo