San Francisco, CA, USA
Apr 12, 2021   |  By Pierre
Everything started in 2015, when Jb and I left Apple to co-found Sqreen, with a singular vision to democratize security. Our belief then, as it is now, is that a strong security posture can only exist when security is infused across the software development lifecycle; when it is not just the concern of security teams, but of developers and operations teams as well.
Apr 7, 2021   |  By Eric
One of the more common mistakes that I see organizations make on digital security is ignoring free resources that can help their business level up. This is rarely intentional. Instead, teams simply don’t know about the resources they have available. Often, that’s because their leadership doesn’t know where to look for good information security guidelines. There’s nothing wrong with that. No one knows everything.
Apr 1, 2021   |  By Dawid Ziolkowski
As cybersecurity attacks become more and more common, it’s extremely important to secure your APIs. However, some developers neglect securing their APIs if they believe their APIs are only communicating with the frontend of their programs. There is this misleading perception that a well-secured front end excuses you from paying too much attention to related API security.
Mar 23, 2021   |  By Omkar Hiremath
Web applications are one of the most targeted assets these days because they’re both open to the internet and have a larger attack surface. Attackers find various ways to hack web applications. And among all of those techniques, some make it to the OWASP Top Ten list of security risks. Cross-site scripting (XSS) has been one of the consistent toppers of this list, and in this post, we’ll discuss in detail one variant of cross-site scripting—stored XSS.
Mar 11, 2021   |  By Kelvin Gobo
The database is an essential part of a web application. It’s where you receive and store users’ data, which you can then use to provide personalized services. As such, database security is an important part of every web application to ensure the safety and integrity of data collected from users. In this post, we’ll be looking at SQL database vulnerabilities in Node.js, like SQL injection, and how to prevent them.
Mar 4, 2021   |  By Omkar Hiremath
Web applications have become one of the most important assets for companies of all sizes. And due to this, they have also become a target. Web applications are getting more complex and bigger in size. This results in an increase in the attack surface for malicious actors. Bad actors are growing more skillful every day, and they use different tools and techniques to hack web applications.
Feb 25, 2021   |  By Mauro Chojrin
If you’ve been around web development for a while, you’ve almost certainly heard the term “SQL injection” and some terrifying stories about it. PHP, like many other languages, is not immune to this type of threat, which can be very dangerous indeed. But, luckily, protecting your websites from SQL injection and other similar threats is something you can take tangible steps towards.
Feb 18, 2021   |  By Robert Pickering
At Sqreen, we take training seriously. We’ve always given Sqreeners access to conferences and run community learning events in our Paris office, but, of course, the current health crisis has meant in-person events are no longer possible. To keep up our training standards during these times, and because our ProdEng team is now located in more places, we decided to run our first virtual coding dojo.
Feb 12, 2021   |  By Chris Chinchilla
This post’s topic is very straightforward: SQL injection, Ruby flavored. More specifically, how you can protect your Ruby application against SQL injections—and other common security threats. Ruby is a wonderful language for beginner coders to start with and scale to large, distributed Web and Desktop applications. It has an accepting and helpful community. Also, it strives to keep itself up to date to match the needs of developers.
Feb 11, 2021   |  By Benoit
Welcome to part three of the Sqreen architecture through the ages series. In case you missed it, here is part one, and here is part two. In this third and final entry to the series, I’m going to discuss how we leveled up the Sqreen backend to handle the growing scale of users and of the Sqreen team, and the journey we took moving from a self-contained product to a proper platform. That will catch you up to the present of where Sqreen is today, from an architecture-perspective.
Nov 13, 2018   |  By Sqreen
NearForm and Sqreen are delighted to come together to share their insights on DevOps and security integration.
Jul 6, 2018   |  By Sqreen
In this talk we will see how a malicious user can obtain a MongoDB injection and use it to prevent an application from responding.
Mar 19, 2018   |  By Sqreen
We have interviewed Arnaud Breton, the organizer of this meetup group and Head of Product of Sqreen.
Jan 10, 2018   |  By Sqreen
Formerly at Screenhero then Slack, Don was most recently Head of Developer Relations at Sqreen. Don was on the ground the day Slack’s security was breached, and shares some of the insights scaling startups need to handle the inevitable: getting hacked.
Sep 27, 2017   |  By Sqreen
This video was recorded during TechLunch #15 - Scaling Your Infrastructure on Sept 27th, 2017 at Algolia
Sep 14, 2016   |  By Sqreen
Sqreen can guard your web apps from attack with just a few lines of code.
Jul 8, 2016   |  By Sqreen
Content Security Policy (CSP) is an HTTP header that instructs the browser to limit loading of external assets, such as scripts, styles or media to specific sources. It prevents wide categories of attacks, such as cross-site scripting (XSS), click-jacking and other code injection. Enabling Content Security Policy into your app is straightforward with Sqreen.
Jun 1, 2016   |  By Sqreen
Installing Sqreen Ruby Agent enables you to protect your Ruby on Rails Applications automatically and continuously.
Jun 1, 2016   |  By Sqreen
Vulnerable (demo) web application under attack - without and with Sqreen.
Jan 28, 2019   |  By Sqreen
You use AWS. It’s secure out of the box, but introducing security issues through misconfiguration is easy. This checklist will help guide you to potential security issues exposed by your AWS configuration, and will help you to tighten up the security of your AWS infrastructure.
Jan 1, 2019   |  By Sqreen
Improve the security of your Node.js app with the Node.js Security Handbook made for developers.
Dec 1, 2018   |  By Sqreen
Improve the security of your Ruby app with the Ruby Security Handbook made for developers.

Sqreen monitors your application security and helps you easily protect it from common vulnerabilities or advanced attacks.

Sqreen is a SaaS protection platform that installs in 30 seconds in web applications with a simple library without code modification or traffic redirection. Sqreen brings real-time protection against against attacks, monitors suspicious users, and provides technical details to help fix vulnerabilities in the code.

One platform to monitor and protect your most critical assets:

  • For development teams: Monitor your application security in real-time. Easily enable security protections into your app without slowing down development or requiring security experts. Get started in 5 minutes with a simple library to install. No maintenance required.
  • For security teams: Take control of your application security and get visibility across your infrastructure in real-time. Orchestrate your app security with automated in-app protections. Easily add custom intrusion detection and protection rules. Protect your application against OWASP top 10 vulnerabilities and 0-days without false positives.
  • For operations teams: Scale security into your modern infrastructure without impacting speed. Monitor your apps, microservices and APIs in real-time. Automate responses and integrate security into your existing DevOps workflows and toolchain.

Automated security for apps that matter.