by mushufasa 2565 days ago
Congrats on the launch! I've actually tried this out, and both the developer experience and dashboard user interface are very slick.

The main concern I've heard from senior security experts that have advised us is about __your__ access. By embedding Sqreen to intercept all web server traffic at the gateway (e.g. WSGI in Python), your solution adds a worry about an attack vector -- if Sqreen itself is compromised, everything about our website is compromised. Or, any general server errors at Sqreen will bring down the entire web application, possibly without warning (web app won't be able to trigger 500s), with no way to remedy except removing Sqreen and re-deploying. That actually happened for us for 12+ hours during the one month we tried out Sqreen.

I think the problem you're addressing is definitely a very real and huge problem. Would love to hear your response to the above.

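The failure mode described above (an agent inserted at the WSGI layer crashes and takes the whole application with it, with no remedy short of redeploying) is one a practitioner can defend against in code. The following is an added example, not Sqreen's code or anything the vendor ships: a fail-open guard that wraps any third-party WSGI agent so that exceptions raised by the agent bypass it for that request, while exceptions raised by the application itself still propagate normally. After a configurable number of agent failures the agent is disabled in-process, so the site stays up without a redeploy. `agent_factory`, `healthy_agent`, `crashing_agent` and `hello_app` are hypothetical stand-ins constructed for the demo; the only assumption is that the agent follows the usual pattern of a callable that takes a WSGI app and returns a WSGI middleware.

```python
import logging
import sys
import threading

log = logging.getLogger("agent_guard")


class AppError(Exception):
    """Marks an exception that came from the protected application, not the agent."""

    def __init__(self, exc):
        super().__init__(str(exc))
        self.exc = exc


def _tag_app_errors(app):
    """Wrap the real app so its own exceptions are distinguishable from agent bugs."""

    def tagged(environ, start_response):
        try:
            return app(environ, start_response)
        except Exception as exc:  # deliberately broad: anything from the app is tagged
            raise AppError(exc) from exc

    return tagged


class FailOpenGuard:
    """WSGI wrapper that bypasses an interception agent when the agent itself fails."""

    def __init__(self, app, agent_factory, max_failures=3):
        self.app = app
        self.agent = None
        self.max_failures = max_failures
        self.failures = 0
        self.disabled = False
        self.lock = threading.Lock()
        try:
            # agent_factory is a hypothetical name: any callable that takes a WSGI
            # app and returns a WSGI middleware wrapping it (the common agent shape).
            self.agent = agent_factory(_tag_app_errors(app))
        except Exception:
            log.exception("agent failed to initialise; running without it")
            self.disabled = True

    def _record_failure(self):
        with self.lock:
            self.failures += 1
            if self.failures >= self.max_failures and not self.disabled:
                log.error("agent disabled after %d failures", self.failures)
                self.disabled = True

    def __call__(self, environ, start_response):
        if self.disabled:
            return self.app(environ, start_response)

        started = []  # records whether the agent already began a response

        def recording_start_response(status, headers, exc_info=None):
            started.append(status)
            return start_response(status, headers, exc_info)

        try:
            return self.agent(environ, recording_start_response)
        except AppError as tagged:
            # The application's own bug: let the server turn it into a 500 as usual.
            raise tagged.exc
        except Exception:
            exc_info = sys.exc_info()
            log.exception("agent raised; serving this request without it")
            self._record_failure()

            def fallback_start_response(status, headers, _unused=None):
                # WSGI only permits a second start_response call when exc_info is
                # supplied, so forward the agent's traceback if it had already started.
                return start_response(status, headers, exc_info if started else None)

            return self.app(environ, fallback_start_response)


# ---- constructed demo pieces (not real agent or application code) ----

def hello_app(environ, start_response):
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello"]


def healthy_agent(app):
    """Stand-in for a working agent: inspects the request, then passes it on."""
    def middleware(environ, start_response):
        environ["agent.inspected"] = True
        return app(environ, start_response)
    return middleware


def crashing_agent(app):
    """Stand-in for an agent with a bug in its request path."""
    def middleware(environ, start_response):
        start_response("200 OK", [])  # began responding, then blew up
        raise RuntimeError("agent bug")
    return middleware


def call(app, path="/"):
    """Minimal WSGI driver: returns (status, body) the way a server would see them."""
    result = {}

    def start_response(status, headers, exc_info=None):
        result["status"] = status
        return lambda data: None

    environ = {"PATH_INFO": path, "REQUEST_METHOD": "GET"}
    body = b"".join(app(environ, start_response))
    return result["status"], body
```

Running `call(FailOpenGuard(hello_app, crashing_agent, max_failures=2))` twice serves `hello` both times and leaves the guard with `disabled == True`, whereas the same app wrapped directly in `crashing_agent` would raise on every request. Two caveats: the guard only catches agent errors raised before the response iterable is handed back, so a bug inside a streaming body or in the agent's own background threads is not covered, and failing open is a deliberate availability-over-protection choice that should at least page someone, which is why every bypass is logged.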

That's a fair point (which is raised regularly), so we architected Sqreen in a way that we have a very low security footprint. We stream security metadata (as APM solutions stream performance metadata) so we don't need to redirect traffic. Business information/data are usually not required to investigate a security issue, so we strip scalars from SQL queries whenever we detect SQL injection, for instance, and we collect as little as we can.

Re attack vectors: agreed that more code leads to more attack surface, but that's the same rationale with frameworks, other agents (APM, error/log monitoring, etc.) and often less transparent, when running on pre-packaged containers, or even on an appliance (code running on Firewalls / web app firewalls solution can usually not be audited). Our agents are not (yet) open source but are audited regularly by our users.

Sorry to hear about the bug you've hit when you tried Sqreen. Would love to know more directly (PM?) so we can debug it and provide a better experience there. The agents are using a v8 virtual machine to avoid problems of that type (we can’t mess up with the original app logic), so it acts as a sandbox there.

"very low security footprint" -- that's great.

But tell me this: if I buy Sqreen's services, will you guarantee to make my customers (and me) financially whole should you be the source of a compromise?

Will you make us financially whole if we integrate you properly but you don't do your job?

> Will you make us financially whole if we integrate you properly but you don't do your job?

No-one would guarantee that. That would require them to be 100% perfect (never have any bugs) and know about all possible attack types _before_ they happen. That's just not possible. New attack techniques are being invented all the time.

> will you guarantee to make my customers (and me) financially whole should you be the source of a compromise?

While possible, it'd also potentially make them instantly insolvent. Think about all the "damages" and "losses" the music industry claimed from single uploads of ripped CDs. Even if you could get a company to agree to that (not likely), the compromised people are motivated to inflate damages, and the people who were the "source" of the compromise would find themselves with the options of litigating you to death for years (cheaper than a payout on inflated "damages") or going bankrupt.

NB: "mess with" would be more idiomatic than "mess up with", both here and above.

They run infinitely nested versions of Sqreen, of course.