Sqreen changelog Sqreen changelog www.sqreen.io/

Configure your security alerts on Slack

Improvement

You can now go in your app settings to enable/disable your slack notifications and choose which information you want to receive.

See more in our documentation.

Django 1.6 apps now protected by Sqreen

Improvement

The Sqreen Python agent is now fully compatible with all versions from Django 1.6 to Django 1.10.

Note: Sqreen is not yet compatible with Django 1.10 in ASGI mode. More information in our documentation.

Sqreen's interface now even simpler

New

The user interface now provides a simple list of actions you can follow to protect your web application.

Dashboard updates every minute

Improvement

We are now updating your app dashboard every minute.

February Improvements

Improvement

  • We improved the navigation to make it easier to browse through apps in different environments:
  • User details show tags:
  • IPs also have additional tags to show if an IP is known to be a Datacenter or a Proxy
  • Pulses views are improved

Improve your apps with Sqreen Webhooks

New

You can now build security features in your apps or in your admin interface!

Sqreen now supports WebHooks to allow you to receive real-time information about events detected by Sqreen.

Here are a few examples of integrations:

  • Get notified when a user repeatedly fails to login, which can be useful to monitor your VIP customers
  • Get notified when a user is sharing his account with other people
  • Get notified when a user performs an attack
  • Get notified when user accounts are targeted by account takeover attacks
  • Integrate a security page for your users

Check out our documentation and let us know if you need any help!

Several product improvements

Improvement

  • Allow for sorting by login successes or failures on the user list
  • New pulse: peak of 50x or 40x errors including graphs
  • The application environment is now shown in the menu
  • Added more details on vulnerability discovery event
  • Improved Slack notifications

New Security Events and Pulses

New

New security events detected on Sqreen:

  • Sensible file fingerprinting
  • NoSQL injections tentatives

New Pulse detected:

  • Peak of account takeover tentatives

New Slack Integration

New

We reviewed our whole Slack integration and included a daily Slack report. Go to your profile to integrate the Slack integration:

Daily Report Example:

New Pulses

New

The following pulses were added to our list of pulses:

  • Peaks of account enumerations
  • Successful account takeover
  • Unusual user activity: logins from suspicious locations, shared accounts, etc.
  • Peak of HTTP errors (40x, 50x) related to security

Pyramid Support

New

Sqreen is happy to support the Pyramid Framework in Python. After Django and Flask, Pyramid is the third Python framework supported on Sqreen.

You can read more on our blog

Identify Inactive Users, Temporary Emails & Users only seen once

New

We introduced a couple of new user flags to help you identify suspicious user activities.

  • Inactive Users: shows users with no successful connection in the past two weeks
  • Seen Once: shows users that only have one successful connection
  • Temporary emails: shows users connecting from a temporary email to hide their identity

Those flags are especially useful to identify fraud activities.

Improved events and user filtering

Improvement

After several requests, we improved the events and users filtering. It's now easier to filter events and users.

Improved Pulse details view

Improvement

We improved the pulse details view. You can now have a better overview of the IPs and User Agents involved in the pulse. Click on an IP to see the detail of that IP.

Whitelist an IP or a User

New

By whitelisting an IP/user, you will not receive any pulse or notifications regarding that whitelisted IP/user. This is particularly useful if recurring scans are being triggered on an app.

Managing the whitelist can be done on the app settings:

Christmas Fixes 🎁

Fix

Lots of small fixes and improvements on the

  • Dashboard
  • IP view
  • Demo app
  • Pulses view
  • App settings
  • Account settings

New Dashboard!

New

We just released a new Dashboard to give a better overview on the security of your application. With this improved view, you can easily:

  • identify the actions that need to be taken in terms of security
  • identify important security events in your app
  • identify trends and track your security over time

Ruby agent version 1.1.2

Fix

Improved security APIs statistics collection. Also stopped freezing the user-agent string to avoid unexpected issues on later modification.

IP view detail

New

You can now get details about every IP. Discover user connections, attacks or accounts linked to a specific IP. Just click on an IP in a security event or user and discover all the activity related to that IP.

Here is an example:

Discover users with lost passwords or shared accounts

Improvement

Users with shared accounts or lost passwords can represent a business threat to your business. You can now discover users with shared accounts or lost passwords. It's great to prevent customer churn or increase your revenue if your business is based on a per-seat model.

New Relic Insights Integration

New

Monitor your application security in New Relic Insights. Set it up in your application settings or read more on our blog.

Simplified Navigation Menu

Improvement

Sqreen now has a slimmer navigation menu to improve the visibility on our different product views.

Authentication SDK for user monitoring in Ruby

New

Sqreen currently supports Devise authentication out of the box. If you use any other framework or custom code, you can now use our new SDK. This SDK is available for versions of sqreen gem after 1.1.0.

Take a look at the detailed documentation: http://doc.sqreen.io/docs/ruby-agent-users-monitoring

Performance improvements on the Ruby agent

Improvement

Version 1.0.0 brings performance improvements to the Ruby agent. The agent network communication are greatly improved for new agent logins.

New Userlist filter

New

You can now filter your users by specific characteristics. The first filter available is for users that connected via Tor. More filters will come in the next days.

Redesigned Weekly Reports

Improvement

Weekly reports were improved to reflect the changes in the overall product. They include pulses and all the weekly statistics on your apps.

Introducing Pulses

New

What are pulses?

Pulses bring a layer of intelligence on top of security events triggered inside your apps. You will only be notified about major attacks and suspicious user activities when your attention is required.
 Receive actionable information on every event to keep your app and users safe.

No published changelogs yet.

Surely Sqreen will start publishing changelogs very soon.

Check out our other public changelogs: Buffer, Respond, JSFiddle, Ustream, ViralSweep, StartupThreads, Userlike, Unixstickers, Survicate, Envoy, Gmelius, Coiney, Streamable, Reviewable, Iubenda, HappyFox Chat