We reviewed our whole Slack integration and included a daily Slack report. Go to your profile to integrate the Slack integration:
New Slack Integration
The following pulses were added to our list of pulses:
- Peaks of account enumerations
- Successful account takeover
- Unusual user activity: logins from suspicious locations, shared accounts, etc.
- Peak of HTTP errors (40x, 50x) related to security
Sqreen is happy to support the Pyramid Framework in Python. After Django and Flask, Pyramid is the third Python framework supported on Sqreen.
You can read more on our blog
Identify Inactive Users, Temporary Emails & Users only seen once
We introduced a couple of new user flags to help you identify suspicious user activities.
- Inactive Users: shows users with no successful connection in the past two weeks
- Seen Once: shows users that only have one successful connection
- Temporary emails: shows users connecting from a temporary email to hide their identity
Those flags are especially useful to identify fraud activities.
Improved events and user filtering
After several requests, we improved the events and users filtering. It's now easier to filter events and users.
Improved Pulse details view
We improved the pulse details view. You can now have a better overview of the IPs and User Agents involved in the pulse. Click on an IP to see the detail of that IP.
Whitelist an IP or a User
By whitelisting an IP/user, you will not receive any pulse or notifications regarding that whitelisted IP/user. This is particularly useful if recurring scans are being triggered on an app.
Managing the whitelist can be done on the app settings:
Christmas Fixes 🎁
Lots of small fixes and improvements on the
- IP view
- Demo app
- Pulses view
- App settings
- Account settings
We just released a new Dashboard to give a better overview on the security of your application. With this improved view, you can easily:
- identify the actions that need to be taken in terms of security
- identify important security events in your app
- identify trends and track your security over time
Ruby agent version 1.1.2
Improved security APIs statistics collection. Also stopped freezing the user-agent string to avoid unexpected issues on later modification.
IP view detail
You can now get details about every IP. Discover user connections, attacks or accounts linked to a specific IP. Just click on an IP in a security event or user and discover all the activity related to that IP.
Here is an example:
Discover users with lost passwords or shared accounts
Users with shared accounts or lost passwords can represent a business threat to your business. You can now discover users with shared accounts or lost passwords. It's great to prevent customer churn or increase your revenue if your business is based on a per-seat model.
New Relic Insights Integration
Monitor your application security in New Relic Insights. Set it up in your application settings or read more on our blog.
Simplified Navigation Menu
Sqreen now has a slimmer navigation menu to improve the visibility on our different product views.
Authentication SDK for user monitoring in Ruby
Sqreen currently supports Devise authentication out of the box. If you use any other framework or custom code, you can now use our new SDK. This SDK is available for versions of sqreen gem after 1.1.0.
Take a look at the detailed documentation: http://doc.sqreen.io/docs/ruby-agent-users-monitoring
Performance improvements on the Ruby agent
Version 1.0.0 brings performance improvements to the Ruby agent. The agent network communication are greatly improved for new agent logins.
New Userlist filter
You can now filter your users by specific characteristics. The first filter available is for users that connected via Tor. More filters will come in the next days.
Redesigned Weekly Reports
Weekly reports were improved to reflect the changes in the overall product. They include pulses and all the weekly statistics on your apps.
What are pulses?
Pulses bring a layer of intelligence on top of security events triggered inside your apps. You will only be notified about major attacks and suspicious user activities when your attention is required. Receive actionable information on every event to keep your app and users safe.