
Sqreen wants to become the IFTTT of web app security



French startup Sqreen recently launched a Security Hub with dozens of plugins to put you in control of the security of your web app. In many ways, it feels like enabling tasks on popular automation service IFTTT.

Sqreen participated in TechCrunch’s Startup Battlefield and Y Combinator’s current batch. The vision of the product hasn’t changed. Sqreen lets you protect your web service with little effort from your side.

Big companies have dedicated security teams that protect services, try to run attacks to find weaknesses and more. Smaller companies don’t necessarily have enough time and money to build a dedicated team. But your product is still vulnerable to SQL injections, XSS attacks and brute-force attacks.

Sqreen isn’t a firewall. You just have to install a library package on your server and add a couple of lines at the top of your source code to require the Sqreen module in your application.

Once this is done, Sqreen monitors attacks in real time without a big performance hit — the startup says there’s a 4 percent CPU overhead. Sqreen now works for web apps in Node.js, Ruby, PHP, Python or Java.

In addition to protecting you against common attacks, Sqreen makes security recommendations so that you can regularly fix vulnerabilities. And with GDPR coming soon, tech companies have a greater responsibility when it comes to protecting customer data and disclosing hacks.

Customers wanted to know more about what Sqreen was doing. That’s why Sqreen launched a security hub with documented plugins.

“All security vendors are very secretive,” Sqreen co-founder and CEO Pierre Betouin said. “Usually, you can’t test the product and you have no information on what they do. We were like this at the beginning of Sqreen. Our positioning was really ‘install our library and we’ll cover a range of security features.’”

“We had a big push back. So we wondered how we could be more transparent, provide something more rational. We explain each plugin completely.”







You can find a plugin to protect you against SQLite injections, vulnerable dependencies, XSS JavaScript injections in various frameworks, bot activity, etc.

Sqreen will recommend plugins for your app depending on the technologies and frameworks you’re using. You can then enable or disable each plugin and configure notifications on Slack or PagerDuty for instance.

In the future, you can imagine that third-party companies could contribute to this marketplace and add new plugins. Sqreen is also working on other plugins related to email abuse and payment page protection.

In addition to those new features, Betouin is moving to San Francisco and opening an office there. Companies like Front, Mindbody, BlaBlaCar, Triplebyte, Toptal and Algolia are now using Sqreen.
