Security Plugins Hub

Bring your software development workflows to security


Account enumeration

Signals & Triggers

On failed authentication
If an unusual volume is detected on a large number of accounts


  • Log the malicious request Log the malicious request
  • Report an incident Report an incident


  • Send an email to all team members Send an email to all team members
  • Send a Slack notification. Send a Slack notification.
  • POST to your Webhook. POST to your Webhook.
  • Create an incident on PagerDuty (coming soon) Create an incident on PagerDuty (coming soon)


A very common first move for attackers looking to compromise your user accounts is to test email/passwords leaked from databases found on the Internet.

Highlighting such attempts is often done at the expense of parsing the application logs, which can end up being quite cumbersome and very time consuming.

Sqreen can highlight such attacks without any effort on your end and provide you with the compromised accounts, should the attacker succeed to successfully login to one of the enumerated accounts.

Advanced details

Sqreen SDK enables you to track all login activities happening in your app.

Every minute Sqreen computes the signals and look for unusual failed login tentatives distributed over a large number of accounts. In case the attack is targeting a very limited number of accounts, the attack is considered as a brute force.

Should an attacker fail to log into an account multiple time and finally succeed, this plugin will report the compromised accounts, enabling you to take actions (suspend account, reset the password) and inform the owners about the attack ASAP.

The signals computation happens on Sqreen’s backend based on the signals collected on all the instances of your applications. This collection happens asynchronously and is not slowing down your application performance.

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen


Authentication (Sqreen SDK)

On attack
  • Authentications (Sqreen SDK)
  • IPs

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java
  • Go
  • .net
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" > config/sqreen.yml

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

$ curl -s > && bash your token

$ pip install sqreen

$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

$ curl -o sqreen.jar

Request your beta access for the Go agent Request beta
Get notified when the .net agent releases Notify me

Build amazing products. Keep them safe.

5 min installation · Try all features for 14 days · No credit card required Sign up Request demo