by pierrebetouin
2565 days ago
That's a fair point (which is raised regularly), so we architected Sqreen in a way that we have a very low security footprint. We stream security metadata (as APM solutions stream performance metadata), so we don't need to redirect traffic. Business information/data is usually not required to investigate a security issue, so we strip scalars from SQL queries whenever we detect SQL injection, for instance, and we collect as little as we can. Re attack vectors: agreed that more code leads to more attack surface, but that's the same rationale with frameworks and other agents (APM, error/log monitoring, etc.), and it is often less transparent when running on pre-packaged containers, or even on an appliance (code running on firewalls / web application firewall solutions can usually not be audited). Our agents are not (yet) open source but are audited regularly by our users. Sorry to hear about the bug you hit when you tried Sqreen. Would love to know more directly (PM?) so we can debug it and provide a better experience there. The agents are using a v8 virtual machine to avoid problems of that type (we can't mess with the original app logic), so it acts as a sandbox there.
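An illustration of the "strip scalars from SQL queries" idea mentioned above, as an added example that is not Sqreen's code and makes no claim about how their agent does it: a small tokenizer that replaces string and numeric literals with `?` before a query is recorded, so the query's structure (including injection artifacts such as a trailing `OR '1'='1'` or a comment marker) survives while customer data does not. It is a token-level approximation; a production agent would want the target dialect's real parser. The `strip_scalars` function and the sample queries are constructed for this example.

```python
import re

# Token classes, tried in order. Keywords/identifiers are matched before numbers so
# that "t1" or "col2" is kept whole rather than becoming "t?".
_TOKEN = re.compile(
    r"""
    (?P<str>'(?:[^']|'')*')            |   # single-quoted string literal; '' escapes a quote
    (?P<qident>"[^"]*"|`[^`]*`)         |   # quoted identifier (kept as-is)
    (?P<word>[A-Za-z_][A-Za-z0-9_$]*)   |   # keyword or bare identifier (kept as-is)
    (?P<num>\d+(?:\.\d+)?)              |   # numeric literal
    (?P<other>.)                            # punctuation, whitespace, stray quotes
    """,
    re.VERBOSE | re.DOTALL,
)


def strip_scalars(sql: str) -> str:
    """Return `sql` with every string and numeric literal replaced by '?'.

    Structure (keywords, identifiers, operators, comment markers) is preserved,
    which is what an analyst needs to see the shape of an injection; the values
    a user supplied are dropped before the query leaves the process.
    An unterminated quote (common in injection payloads) is passed through as a
    single character rather than swallowing the rest of the query.
    """
    out = []
    for m in _TOKEN.finditer(sql):
        out.append("?" if m.lastgroup in ("str", "num") else m.group())
    return "".join(out)


if __name__ == "__main__":
    # Constructed sample queries: one benign, one carrying a classic tautology injection.
    samples = [
        "SELECT * FROM users WHERE email = 'bob@example.com' AND id = 42",
        "SELECT * FROM users WHERE name = '' OR '1'='1' -- ' AND pw = 'x'",
    ]
    for q in samples:
        print(strip_scalars(q))
```

The second sample shows the trade-off: the recorded form `... WHERE name = ? OR ?=? -- ?x'` still reveals the injected `OR`, the comment marker, and the dangling quote, which is enough to recognise the attack, while the e-mail address and any real password fragment never leave the application.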
But tell me this: if I buy Sqreen's services, will you guarantee to make my customers (and me) financially whole should you be the source of a compromise?
Will you make us financially whole if we integrate you properly but you don't do your job?