Sqreen Pulses are security activities that require your attention
Sqreen Pulses provide information about major security activities that require immediate action(s) on your side, or that require your attention.
The number of new Pulses is displayed on the Pulse icon in the menu. Each Pulse can be marked as read or unread.
Sqreen Pulses contain various information to help you mitigate the issues. The following information can be provided:
- Stack trace of the execution, to help you locate and fix the vulnerability in your code.
- HTTP requests details to help you reproduce the attack.
- Charts like the intensity of attack, peaks of errors/exceptions, or network activity.
- List of user account(s) used by the attackers.
- IP and geography used during the attack.
- Attackers information, such as user agents, other user accounts used by this attacker, the Use of a proxy or TOR network.
- User accounts put at risk or compromised.
Actions on your side before it is too late
When user accounts are compromised in your application, or when some of them are attacking your apps, or when security breaches are detected in your application, Sqreen will generate security Pulses. Pulse detail view provides actions that are required on your side.
The actions required on your side can be: - To fix the code directly when a security breach is detected - To fix the app behavior/code when application is raising security errors - To block user accounts which have been compromised by attackers - To reset account credentials that have suspicious activity - To update third-party dependencies that are vulnerable to known attacks
Digging into low level security events
Low level security events are available anytime in Security logs and events view. Security events can be sorted, filtered out, correlated by source IP, geography, types of events, etc.
Pulse notifications are sent directly by email, Slack notification, or any other integration you set up.