Bring your software development workflows to security
Once an attacker managed to breach your system, it’s probably too late to take countermeasures. While Sqreen protects your application against the riskiest vulnerabilities, an attacker may find business logic flaws that allow to perform non-authorized actions.
Sqreen detects when an attacker starts to fingerprint an application and leaks information about your application stack.
By collecting and correlating various signals, this plugin will raise the red flag as soon as an actor starts to perform unusual activities.
Every 15 minutes, we look back at IP activity for the last 24 hours:
For each IP activity history we check:
If the signals keep repeating during a period of time (long enough not to be an automated scan) we raise the trigger.