We've just released a new Blocked actors page which should make things easier for displaying and filtering!
Sqreen is now able to protect against First Order Server Side Request Forgery!
Specifically, the new RASP module protect against malicious URL trying to access sensitive resources in your network. To learn more about this vulnerability, you can check out the OWASP's SSRF Cheatsheet.
You can try out this protection by clicking here!
This version of the protection won't track through redirections or DNS rebinding but we're working toward addressing this limitation.
https://my.sqreen.com/application/goto/modules/waf
Use the Recommended preset to cover yourself without false positives! The Strict preset provides the highest coverage while very likely introducing false positives.
If you'd prefer, you can still configure your In-App WAF your own way, and the preset will automatically be set to Manual.
Sqreen is now able to protect against some kinds of untrusted code executions!
Specifically, the new RASP module target eval() injections by checking when a user parameter is directly eval()-ed without any kind of sanitization.
This protection is available in PHP and Java.
You can find more details on this protection by clicking here!
Sqreen provides several layers of protection: RASP, In-App WAF, Headers, CSP and Account Takeover. All the security modules work together to provide the best coverage possible. But what do they cover exactly?
Starting today, the Protection section gives you an overview of all covered vulnerabilities. This a great way to see how your application is protected, and how that protection can be improved.
We moved the account menu to the upper right corner of the screen. This should make it easier to access all the pages related to you account or organization. Information on the connected hosts and installation instructions are now available on the Monitoring page.
The Sqreen In-App WAF, which we released a few months ago, is our approach to provide you with a Web Application Firewall (WAF) that lives within your app to lower the maintenance and false positives.
Today, we’re happy to announce that our In-App WAF is available in all six of our agents. When deploying a new application with Sqreen, the In-App WAF will be automatically configured based on the application’s stack.
By default, it runs in Log-only mode, enabling you to review how it behaves with your production traffic. From there, you’ll be able to set it to Blocking mode.
In a couple of weeks, we’ll release configuration presets to ease the deployment of the In-App WAF on existing applications.
A few months ago, we introduced the App Inventory, an always up-to-date, searchable source of truth for application assets. Today, we are adding an easier way to search it with filters.
Here's what's new:
weaknesses, incidents and first_connected_at are coming soon.To try it, visit your App Inventory at https://my.sqreen.com/app-inventory/
We are looking for feedback on this new feature, so please let us know if you have any.
We've added a new safety mechanism (enabled by default) to make sure playbooks don't block "critical" IPs. We define "critical" IP as a private IP, or an IP coming from a load balancer of the most popular cloud provider.
If you want to reverse to the previous behavior, you can change it in your application settings.
Major improvement are:
The new documentation is available here: https://docs.sqreen.com/integrations/webhooks/
If you get started with webhook today, you'll automatically use version 2.
Otherwise, you can switch versions from your account settings https://my.sqreen.com/profile/organization/integrations