Built-in security responses

Security responses help you automate scenarios faster. When installing one of our libraries, you immediately benefit from the following responses:

  1. Block an IP address or a user account temporarily or permanently.
  2. Redirect the request to a pre-defined URL.
  3. POST the context to a webhook URL on trigger. Learn more about the payload.

More security responses are coming!

Interested in a missing security response? Contact us!

Security responses and user accounts

In order to protect your application from authenticated attackers, you must implement the related Sqreen SDK methods.

Refer to your technology guide to learn more:

What blocked IP or user will see

Blocked IP or user visiting your application will see this page.

If you're willing to display a custom page instead, we recommand you to use the redirect security response.

blocked-page

Interested in customising this page? Contact us!

POST to webhook

A security response payload will be sent every time a Security Playbook triggers.

Payload structure

[
  {
    "id": "NWE4NzYyNWZjZWZlOGIwMDE2OTMzNzIzOjViM2UyYjMxNjk2NGE4MDAxYjUwMGNhMTo1YjUxY2YwZDUwZTBjNjAwMjQxOTljMjVfX3dlYmhvb2s6MTcyLjE3LjAuMS8zMjo5YmFiOTE3ZThjMTQxMWU4OTBkNDAyNDJhYzExMDAwNA==",
    "sqreen_payload_type": "security_response",
    "date_created": "2018-07-20T12:01:17.374627+00:00",
    "application": {
      "name": "Application name",
      "environment": "production",
      "id": "5a87625fcefe8b16933724"
    },
    "properties": {
      "ips": [
        {
          "ip_cidr": "172.17.0.1/32"
        }
      ],
      "user_identifiers": [
        {
          "email": "user@sqreen.io"
        }
      ]
    },
    "playbook": {
      "name": "Peak of login failure",
      "id": "5b3e2b316964a8001b500ca2"
    }
  }
]