A Cloud-Native Security Monitoring and Protection for Modern Applications
Documentation | Quick Start | Blog | Chat with us on Slack!
SecureNative performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
Navigate to your application project folder and enter:
npm i @securenative/sdkVerify that @securenative/sdk appears in your package to your package.json.
To get your API KEY, login to your SecureNative account and go to project settings page:
import { SecureNative, EventTypes } from "@securenative/sdk";
or;
const { SecureNative, EventTypes } = require("@securenative/sdk"); // if your using ES5SecureNative can automatically load your config from securenative.json that you can add to your application folder.
cat > securenative.json <<EOF
{
"SECURENATIVE_APP_NAME": "YOUR_APPLICATION_NAME",
"SECURENATIVE_API_KEY": "YOUR_API_KEY"
}
EOFSecureNative.init({ apiKey: "Your API_KEY" });Once initialized, sdk will create a singleton instance which you can get:
const secureNative = SecureNative.getInstance();Once the SDK has been initialized, tracking requests sent through the SDK instance. Make sure you build event with the EventBuilder:
import { SecureNative, EventTypes, contextFromRequest } from "@securenative/sdk";
secureNative.track({
event: EventTypes.LOG_IN,
userId: '1234',
userTraits: {
name: 'Your Name',
email: 'name@gmail.com',
phone: '+1234567890'
},
context: contextFromRequest(req)
});If you don't have acess to request object you can construct the context manually:
secureNative.track({
event: EventTypes.LOG_IN,
userId: '1234',
userTraits: {
name: 'Your Name',
email: 'name@gmail.com',
phone: '+1234567890'
},
context: {
ip: '10.0.0.0',
clientToken: 'Token from client',
headers: {
"user-agent": 'Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"'
}
}
}); const verifyResult = await secureNative.verify({
event: EventTypes.LOG_IN,
userId: '1234',
userTraits: {
name: 'Your Name',
email: 'name@gmail.com',
phone: '+1234567890'
},
context: contextFromRequest(req)
})
verifyResult.riskLevel // Low, Medium, High
verifyResult.score // Risk score: 0 -1 (0 - Very Low, 1 - Very High)
verifyResult.triggers // ["TOR", "New IP", "New City"]
}| Option | Type | Optional | Default Value | Description |
|---|---|---|---|---|
| SECURENATIVE_API_KEY | string | false | none | SecureNative api key |
| SECURENATIVE_APP_NAME | string | false | package.json | Name of application source |
| SECURENATIVE_API_URL | string | true | https://api.securenative.com/v1/collector | Default api base address |
| SECURENATIVE_INTERVAL | number | true | 1000 | Default interval for SDK to try to persist events |
| SECURENATIVE_MAX_EVENTS | number | true | 1000 | Max in-memory events queue |
| SECURENATIVE_TIMEOUT | number | true | 1500 | API call timeout in ms |
| SECURENATIVE_AUTO_SEND | Boolean | true | true | Should api auto send the events |
| SECURENATIVE_DISABLE | Boolean | true | true | Allow to disable agent functionality |
| SECURENATIVE_LOG_LEVEL | string | true | fatal | Displays debug info to stdout |
This agent is compatible with Node.js 8 and higher.
For other compatibility related information, please visit the compatibility page.
For more details, please visit documentation page, available on docs.securenative.com.