See how Sqreen protects your application at a glance

Screen Shot 2020-01-23 at 12.59.05.png

Sqreen provides several layers of protection: RASP, In-App WAF, Headers, CSP and Account Takeover. All the security modules work together to provide the best coverage possible. But what do they cover exactly?

Starting today, the Protection section gives you an overview of all covered vulnerabilities. This a great way to see how your application is protected, and how that protection can be improved.

Access your account more easily

Screen Shot 2020-01-21 at 16.51.57.png

We moved the account menu to the upper right corner of the screen. This should make it easier to access all the pages related to you account or organization. Information on the connected hosts and installation instructions are now available on the Monitoring page.

The In-App WAF is live for all new apps!

The Sqreen In-App WAF, which we released a few months ago, is our approach to provide you with a Web Application Firewall (WAF) that lives within your app to lower the maintenance and false positives.

Today, we’re happy to announce that our In-App WAF is available in all six of our agents. When deploying a new application with Sqreen, the In-App WAF will be automatically configured based on the application’s stack.

By default, it runs in Log-only mode, enabling you to review how it behaves with your production traffic. From there, you’ll be able to set it to Blocking mode.

In a couple of weeks, we’ll release configuration presets to ease the deployment of the In-App WAF on existing applications.

A new way to search the App Inventory

A few months ago, we introduced the App Inventory, an always up-to-date, searchable source of truth for application assets. Today, we are adding an easier way to search it with filters.


Here's what's new:

  • The new default search makes it easy to compose your search by combining filters.
  • Most of the application attributes are supported. weaknesses, incidents and first_connected_at are coming soon.
  • You can switch to advanced search anytime. Not all complex queries can be converted to basic search.

To try it, visit your App Inventory at

We are looking for feedback on this new feature, so please let us know if you have any.

New safety mechanism for critical IPs

We've added a new safety mechanism (enabled by default) to make sure playbooks don't block "critical" IPs. We define "critical" IP as a private IP, or an IP coming from a load balancer of the most popular cloud provider.

If you want to reverse to the previous behavior, you can change it in your application settings.

Webhook version 2 is live!

Major improvement are:

  • Incident update are now sent through webhook. Version 1 only broadcasts when the incident is first detected.
  • ATO incident payloads feature the compromised accounts
  • Payloads now include the number of retries and date when it was sent

The new documentation is available here:

If you get started with webhook today, you'll automatically use version 2.

Otherwise, you can switch versions from your account settings

Get the most out of Sqreen

Access our updated onboarding page to get the most out of Sqreen. This step by step checklist will walk you through our key features and show you how to configure them. Go to your onboarding checklist right now

More visibility and control on the impact of microagents on your apps

Since the beginning, we’ve focused on making it easy to install Sqreen in your applications. For many users, the process is just set and forget. However, some organizations need more transparency on what’s happening inside our microagent.

Today, we have two updates that go in this direction:

  • The first one is an improved Execution Time monitoring view. Under Settings > Performance, you now get a more detailed chart of the microagent performance over time. The overhead is broken down into different categories. You can also select the categories and percentile you want to see.
  • The second update is an option for Proactive protection and monitoring. To improve microagents, we often deploy new capabilities to a fraction of our customers before rolling them out to everyone. Most of the time, this is transparent, as the new capabilities never block any traffic. Yet, some applications can see a performance impact in some rare cases. We don’t recommend that you turn this off, unless you see an issue. This option is only available for customers with paid plans and can be toggled from the Settings

Get more details in exported compromised accounts

Add the list of user's flags (TOR user, Shared account, Disposible email, etc.) in the compromised account CSV file.

A clearer way to configure your protections

Protection is the core of our Product. We're constantly iterating to make sure you have peace of mind knowing exactly how Sqreen protects your app.

The previous tile-based layout wasn't the most optimal way to configure the protection modules we're providing you with.

We've just released a better row-based version which should do the job better.

Have a look at it now

We'd love to hear your feedback about it!