Security Plugins Hub

Bring your software development workflows to security


Vulnerable dependencies

Signals & Triggers

On vulnerability disclosed
If vulnerable package in use


  • Report an incident Report an incident


  • Send an email to all team members Send an email to all team members
  • Send a Slack notification. Send a Slack notification.
  • POST to your Webhook. POST to your Webhook.
  • Send to New Relic Insights. Send to New Relic Insights.
  • Create an incident on PagerDuty (coming soon) Create an incident on PagerDuty (coming soon)


Modern applications rely on a lot of external dependencies. They make it easy for developers to build software components faster. But relying on Open Source software also presents a security risk. New security vulnerabilities are published on a regular basis. Keeping track of them and knowing how to fix these vulnerabilities can sometimes be painful.

Sqreen centralizes all the published vulnerabilities from a lot of different security groups and newsletters. When this plugin is enabled, Sqreen will check the declared list of dependencies from the applications’ dependency list and check if it contains vulnerabilities.

If a vulnerability is detected, Sqreen will suggest the version to update to.

Advanced details

When the application starts, Sqreen will retrieve the list of dependencies the application requires. It will send it to Sqreen’s backend, and the list will be compared with an internally maintained list of known vulnerabilities.

Everytime a new vulnerability is disclosed, this plugin will lookup for vulnerabilities amongst your dependencies.

Language support

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java

Data collected by Sqreen


App dependencies

Built for developers and modern apps

Get up and running in minutes just by installing our lightweight library. Enable plugins in just a couple of clicks.

  • Ruby
  • Node.js
  • PHP
  • Python
  • Java
  • Go
  • .net
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9

$ echo "gem 'sqreen'" >> Gemfile

$ bundle install

$ echo "token: your token" > config/sqreen.yml

$ npm install --save sqreen

$ echo '{ "token": "your token" }' > sqreen.json

$ curl -s > && bash your token

$ pip install sqreen

$ echo -e "[sqreen]\ntoken: your token" > sqreen.ini

$ curl -o sqreen.jar

Request your beta access for the Go agent Request beta
Get notified when the .net agent releases Notify me

Build amazing products. Keep them safe.

5 min installation · Try all features for 14 days · No credit card required Sign up Request demo