Security Plugins Hub

Bring your software development workflows to security


Targeted attack

Signals & Triggers

On request
If an IP has performed malicious requests


  • Report an incident Report an incident


  • Send an email to all team members Send an email to all team members
  • Send a Slack notification. Send a Slack notification.
  • POST to your Webhook. POST to your Webhook.
  • Create an incident on PagerDuty (coming soon) Create an incident on PagerDuty (coming soon)


Once an attacker managed to breach your system, it’s probably too late to take countermeasures. While Sqreen protects your application against the riskiest vulnerabilities, an attacker may find business logic flaws that allow to perform non-authorized actions.

Sqreen detects when an attacker starts to fingerprint an application and leaks information about your application stack.

By collecting and correlating various signals, this plugin will raise the red flag as soon as an actor starts to perform unusual activities.

Advanced details

Every 15 minutes, we look back at IP activity for the last 24 hours:

  • the number of malicious requests (security scanners, bots, injections attempts matched by OWASP CRS)
  • the total number of authentications
  • the number of failed authentications

For each IP activity history we check:

  • If malicious requests were performed
  • For an important ratio of failed authentications
  • Hints of non automated activity

If the signals keep repeating during a period of time (long enough not to be an automated scan) we raise the trigger.

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen

  • Authentications (Sqreen SDK)

On attack
  • Malicious requests
  • Attacker IP
  • Attacker account (Sqreen SDK)

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java
  • Go
  • .net
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" > config/sqreen.yml

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

$ curl -s > && bash your token

$ pip install sqreen

$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

$ curl -o sqreen.jar

Request your beta access for the Go agent Request beta
Get notified when the .net agent releases Notify me

Build amazing products. Keep them safe.

5 min installation · Try all features for 14 days · No credit card required Sign up Request demo