Sqreen provides several layers of protection: RASP, In-App WAF, Headers, CSP and Account Takeover. All the security modules work together to provide the best coverage possible. But what do they cover exactly?
Starting today, the Protection section gives you an overview of all covered vulnerabilities. This a great way to see how your application is protected, and how that protection can be improved.
We moved the account menu to the upper right corner of the screen. This should make it easier to access all the pages related to you account or organization. Information on the connected hosts and installation instructions are now available on the Monitoring page.
The Sqreen In-App WAF, which we released a few months ago, is our approach to provide you with a Web Application Firewall (WAF) that lives within your app to lower the maintenance and false positives.
Today, we’re happy to announce that our In-App WAF is available in all six of our agents. When deploying a new application with Sqreen, the In-App WAF will be automatically configured based on the application’s stack.
By default, it runs in Log-only mode, enabling you to review how it behaves with your production traffic. From there, you’ll be able to set it to Blocking mode.
In a couple of weeks, we’ll release configuration presets to ease the deployment of the In-App WAF on existing applications.
A few months ago, we introduced the App Inventory, an always up-to-date, searchable source of truth for application assets. Today, we are adding an easier way to search it with filters.
Here's what's new:
weaknesses, incidents and first_connected_at are coming soon.To try it, visit your App Inventory at https://my.sqreen.com/app-inventory/
We are looking for feedback on this new feature, so please let us know if you have any.
We've added a new safety mechanism (enabled by default) to make sure playbooks don't block "critical" IPs. We define "critical" IP as a private IP, or an IP coming from a load balancer of the most popular cloud provider.
If you want to reverse to the previous behavior, you can change it in your application settings.
Major improvement are:
The new documentation is available here: https://docs.sqreen.com/integrations/webhooks/
If you get started with webhook today, you'll automatically use version 2.
Otherwise, you can switch versions from your account settings https://my.sqreen.com/profile/organization/integrations
Access our updated onboarding page to get the most out of Sqreen. This step by step checklist will walk you through our key features and show you how to configure them. Go to your onboarding checklist right now
Since the beginning, we’ve focused on making it easy to install Sqreen in your applications. For many users, the process is just set and forget. However, some organizations need more transparency on what’s happening inside our microagent.
Today, we have two updates that go in this direction:
Add the list of user's flags (TOR user, Shared account, Disposible email, etc.) in the compromised account CSV file.
Protection is the core of our Product. We're constantly iterating to make sure you have peace of mind knowing exactly how Sqreen protects your app.
The previous tile-based layout wasn't the most optimal way to configure the protection modules we're providing you with.
We've just released a better row-based version which should do the job better.
Have a look at it now https://my.sqreen.com/application/goto/modules
We'd love to hear your feedback about it!