Skip to main content

Sqreen Token

Description#

General#

  • Documentation: https://docs.sqreen.com/
  • Summary: Sqreen is an application security management software that enables to protect applications, microservices, and APIs from malicious attacks. It exposes its services via an API.
  • IPs allowlist: This feature is not mentioned in the documentation.
  • Scopes: Sqreen allows to create one token per environment in which applciations are deployed.

Revoke the secret#

Secrets can be revoked and regenerated from the developer's dashboard.

Check for suspicious activity#

Sqreen does not provide an exhaustive log of all API calls. But slack integration or the use of webhooks can give hints about suspicious usage of credentials.

Details for Sqreen token#

  • Family: Api

  • Category: Code analysis

  • Company: Sqreen

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 0.04

  • Prefixed: True

  • PreValidators:

- type: ContentWhitelistPreValidator  patterns:  - org_

Examples#

- text: |    sh > sqreen-install.sh && bash sqreen-install.sh 'org_8bdf8d8bcabfbe20ded38b10a07510b2b6dd9ac5786467c6a2fdf88193e9' '${SQREEN_APP_NAME}'    RUN sqreen-installer config  apikey: org_8bdf8d8bcabfbe20ded38b10a07510b2b6dd9ac5786467c6a2fdf88193e9