
Sqreen wants to become the IFTTT of web app security



French startup Sqreen recently launched a Security Hub with dozens of plugins to put you in control of the security of your web app. In many ways, it feels like enabling tasks on popular automation service IFTTT.

Sqreen participated in TechCrunch’s Startup Battlefield and Y Combinator’s current batch. The vision of the product hasn’t changed. Sqreen lets you protect your web service with little effort from your side.

Big companies have dedicated security teams that protect services, try to run attacks to find weaknesses and more. Smaller companies don’t necessarily have enough time and money to build a dedicated team. But your product is still vulnerable to SQL injections, XSS attacks and brute-force attacks.

Sqreen isn’t a firewall. You just have to install a library package on your server and add a couple of lines at the top of your source code to require the Sqreen module in your application.

Once this is done, Sqreen monitors attacks in real time without a big performance hit — the startup says there’s a 4 percent CPU overhead. Sqreen now works for web apps in Node.js, Ruby, PHP, Python or Java.

In addition to protecting you against common attacks, Sqreen makes security recommendations so that you can regularly fix vulnerabilities. And with GDPR coming soon, tech companies have a greater responsibility when it comes to protecting customer data and disclosing hacks.

Customers wanted to know more about what Sqreen was doing. That’s why Sqreen launched a security hub with documented plugins.

“All security vendors are very secretive,” said Sqreen co-founder and CEO Pierre Betouin. “Usually, you can’t test the product and you have no information on what they do. We were like this at the beginning of Sqreen. Our positioning was really ‘install our library and we’ll cover a range of security features.’”

“We had a big push back. So we wondered how we could be more transparent, provide something more rational. We explain each plugin completely.”







You can find a plugin to protect you against SQLite injections, vulnerable dependencies, XSS JavaScript injections in various frameworks, bot activity, etc.

Sqreen will recommend plugins for your app depending on the technologies and frameworks you’re using. You can then enable or disable each plugin and configure notifications on Slack or PagerDuty for instance.

In the future, you can imagine that third-party companies could contribute to this marketplace and add new plugins. Sqreen is also working on other plugins related to email abuse and payment page protection.

In addition to those new features, Betouin is moving to San Francisco and opening an office there. Companies like Front, Mindbody, BlaBlaCar, Triplebyte, Toptal and Algolia are now using Sqreen.
