San Francisco, CA, USA
Sep 15, 2020   |  By Chakshu Mehta
Sqreen recently published its inaugural State of Application Security 2020 Report, analyzing thousands of real security events happening at runtime across Sqreen customer applications. Rather than rely on self-reported data, the insights outlined in this report include data from actual in-app vulnerability exploits to give readers a real-time look into the true state of application security.
Sep 10, 2020   |  By Jb
In June, I was personally contacted by a security researcher who had discovered a vulnerability in one component of the Sqreen PHP agent. This vulnerability would allow a bad actor to execute injected code through network access to the Sqreen PHP daemon. The data, accounts, or other sensitive information of vulnerable customers weren’t compromised or accessed because of this vulnerability.
Aug 26, 2020   |  By Michiel Mulders
While developing a PHP web application, a web developer should also be concerned with security best practices. An insecure web application gives hackers the chance to steal valuable information, such as user data or credit card information. In addition, a data breach may have a drastic impact on the credibility and future operations of your organization. To strengthen your defense mechanisms, this article lists 10 important security best practices for PHP applications. Let’s get started!
Aug 12, 2020   |  By Michael de Ridder
While you may have heard of CCPA, the California Consumer Privacy Act of 2018, it can be hard to know what it means for your organization. In particular, what does it mean for your organization’s security practices? Like GDPR (General Data Protection Regulation) before it, which despite being an EU regulation changed practices around the world, CCPA affects more than California. It’s something that all organizations around the world will need to pay attention to and comply with.
Aug 6, 2020   |  By Pierre
This month marks the 5 year anniversary of my co-founder Jb and I starting Sqreen. It’s been an incredible journey so far (have a look at just a few of the highlights), and milestones like this serve as a good opportunity to take stock, celebrate what the team has built together, and look into the future. Sqreen was born out of my and Jb’s experiences on the Red Team at Apple.
Jul 22, 2020   |  By Paul
When it comes to hosting your apps on Heroku, it’s important to consider security. As a Platform-as-a-service (PaaS) provider, Heroku handles many things for you, but it’s important to understand what is done for you on the security front, and what isn’t. There’s a reason that there are security add-ons like Sqreen in the Heroku marketplace after all! In this post, we’re going to be talking about securing applications on Heroku.
Jul 21, 2020   |  By Daniel de Oliveira
Today, information technology companies are really concerned with the protection of their data. And rightfully so! Data protection is important, as mishandled data can make your company vulnerable to breaches. Therefore, to mitigate risk and remain competitive, all companies need to ensure that their data is handled in a secure way. The best solution is to make sure your company complies with a widely agreed upon set of rules or principles.
Jul 9, 2020   |  By Omkar Hiremath
When you’re running a business, it’s important for you to have a great reach to the people using your services. The internet is the easiest way to reach your customers. When the internet era began, people started using web applications as a way to reach a larger audience. And that worked like a charm! Then with the advent of smartphones, people started using mobile applications in addition to web applications.
Jun 24, 2020   |  By Daniel de Oliveira
Account takeovers (ATOs), also known as “account hijacking,” are a type of fraud that’s on the rise these days! This type of attack is attractive to hackers due to the financial return and the ease of such an attack: user account takeover is relatively low cost and has a high success rate. Additionally, there are many means to make money off an account that has been taken over, or in using it to perform more advanced attacks.
Jun 17, 2020   |  By Josh
Account takeover attacks (ATOs) are an important vector to consider as you evolve your security strategy. When bad actors take over your legitimate user accounts, they’re able to steal customer data, commit fraud, and gain a wider attack surface within your application. To help companies better understand and protect against ATOs, we’ve put together a new ATO whitepaper.
Nov 13, 2018   |  By Sqreen
NearForm and Sqreen are delighted to come together to share their insights on DevOps and security integration.
Jul 6, 2018   |  By Sqreen
In this talk we will see how a malicious user can obtain a MongoDB injection and use it to prevent an application from responding.
Mar 19, 2018   |  By Sqreen
We have interviewed Arnaud Breton, the organizer of this meetup group and Head of Product of Sqreen.
Jan 10, 2018   |  By Sqreen
Formerly at Screenhero then Slack, Don was most recently Head of Developer Relations at Sqreen. Don was on the ground the day Slack’s security was breached, and shares some of the insights scaling startups need to handle the inevitable: getting hacked.
Sep 27, 2017   |  By Sqreen
This video was recorded during TechLunch #15 - Scaling Your Infrastructure on Sept 27th, 2017 at Algolia
Sep 14, 2016   |  By Sqreen
Sqreen can guard your web apps from attack with just a few lines of code.
Jul 8, 2016   |  By Sqreen
Content Security Policy (CSP) is an HTTP header that instructs the browser to limit loading of external assets, such as scripts, styles or media to specific sources. It prevents wide categories of attacks, such as cross-site scripting (XSS), click-jacking and other code injection. Enabling Content Security Policy into your app is straightforward with Sqreen.
Jun 1, 2016   |  By Sqreen
Installing Sqreen Ruby Agent enables you to protect your Ruby on Rails Applications automatically and continuously.
Jun 1, 2016   |  By Sqreen
Vulnerable (demo) web application under attack - without and with Sqreen.
Jan 28, 2019   |  By Sqreen
You use AWS. It’s secure out of the box, but introducing security issues through misconfiguration is easy. This checklist will help guide you to potential security issues exposed by your AWS configuration, and will help you to tighten up the security of your AWS infrastructure.
Jan 1, 2019   |  By Sqreen
Improve the security of your Node.js app with the Node.js Security Handbook made for developers.
Dec 1, 2018   |  By Sqreen
Improve the security of your Ruby app with the Ruby Security Handbook made for developers.

Sqreen monitors your application security and helps you easily protect it from common vulnerabilities or advanced attacks.

Sqreen is a SaaS protection platform that installs in 30 seconds in web applications with a simple library without code modification or traffic redirection. Sqreen brings real-time protection against against attacks, monitors suspicious users, and provides technical details to help fix vulnerabilities in the code.

One platform to monitor and protect your most critical assets:

  • For development teams: Monitor your application security in real-time. Easily enable security protections into your app without slowing down development or requiring security experts. Get started in 5 minutes with a simple library to install. No maintenance required.
  • For security teams: Take control of your application security and get visibility across your infrastructure in real-time. Orchestrate your app security with automated in-app protections. Easily add custom intrusion detection and protection rules. Protect your application against OWASP top 10 vulnerabilities and 0-days without false positives.
  • For operations teams: Scale security into your modern infrastructure without impacting speed. Monitor your apps, microservices and APIs in real-time. Automate responses and integrate security into your existing DevOps workflows and toolchain.

Automated security for apps that matter.