Update: this feature is now deprecated
The Sqreen Agent is one powerful tool for keeping your web application’s backend safe. Today we are excited to release another tool for your security toolbox, the Sqreen API.
The two endpoints we are releasing today allow you to tap into Sqreen’s extensive database of bad actors and malicious behavior to discover whether an email or IP address poses a risk to your app. These endpoints can answer questions like:
- Does that email address originate with an email anonymizer?
- Is that IP address a Tor exit node?
- Where is this user on the map?
- Has this user ever been implicated in a known attack in the past?
Use this information to flag or screen [ed: ?] signups to your service, to detect if unusual activity is originating from a suspicious address, and to generally arm yourself with additional risk assessment when you need it.
Learn more about getting started with the Sqreen API in our documentation portal.
The Sqreen API is free to use—simply sign up for an account, and create a new Developer Sandbox project to get your API key.
Trusted by Stootie
Simple, social, local, and instant, Stootie is one of the leading European marketplaces bringing together people to share services. As a marketplace, Stootie is confronted with a strong traffic of users, sometimes malicious. Concerned about the security of their infrastructure, their users, and the confidentiality of their data, Stootie has developed and deployed a fraud detection microservice within its architecture. This fraud detection microservice analyzes all the events moving through Stootie’s platforms, and returns an analysis report to the microservices linked to user moderation.
A large part of this detection was focused on the analysis of IPs and emails in order to detect the use of multiple accounts, or accounts wishing to hide their identity for fraudulent reasons (for example, a connection that hides behind a Tor node or a private proxy is usually a bad sign in our business). The Sqreen API has provided exactly the expertise that Stootie needed to make this microservice effective. Stootie’s engineers gained a lot of time by offloading this security analysis to Sqreen.
In the second phase of integrating Sqreen within Stootie, they plan to use Sqreen’s webhooks to secure their microservices architecture. While they are happy how they have handled the security inside of their containers, they realize that in case of an attack from outside one needs to react quickly. Sqreen’s webhooks will raise alarms on their side and allow them to discriminate alerts and act accordingly. For example when a massive scan from an attacker is detected by Sqreen, Stootie’s engineering team will be able to quickly and automatically update their security policies to stop the attack in its tracks, without disrupting their users experience.
What will you use the Sqreen API for? It is free to use—simply sign up for an account, and create a new Developer Sandbox project to get your API key.
Also: a new Devise plugin?
But wait…there’s more!
If you build with Rails, you are probably familiar with Devise—it’s a flexible authentication solution that takes the pain out of managing user signups in your Rails app. We’ve built a new Devise plugin called devise_sqreener that uses the Sqreen API to allow you to set policies to reject or flag signups based on the assessed risk of the email and IP addresses of the new user. You’ll need to sign up and create a new Developer Sandbox to get your API key, then follow the instructions in the readme to get started.
In the coming weeks and months, we anticipate releasing more endpoints that let you tap into Sqreen’s extensive database of known vulnerabilities and security analysis, and that allow you to give the Sqreen Agent deeper insight into your business logic to help spot patterns of malicious activity sooner.