Sqreen Incidents

Sqreen Incidents are security activities that require your attention

Sqreen Incidents provide information about major security activities that require immediate action(s) on your side, or that require your attention.

The number of new Incidents is displayed on the Incidents icon in the menu. Each Incident can be marked as read or unread.


Sqreen Incidents contain various information to help you mitigate the issues. The following information can be provided:

  • Stack trace of the execution, to help you locate and fix the vulnerability in your code.
  • HTTP requests details to help you reproduce the attack.
  • Charts like the intensity of attack, peaks of errors/exceptions, or network activity.
  • List of user account(s) used by the attackers.
  • IP and geography used during the attack.
  • Attackers information, such as user agents, other user accounts used by this attacker, the Use of a proxy or TOR network.
  • User accounts put at risk or compromised.


Actions on your side before it is too late

When user accounts are compromised in your application, or when some of them are attacking your apps, or when security breaches are detected in your application, Sqreen will generate security Incidents. Incidents detail view provides actions that are required on your side.

The actions required on your side can be: - To fix the code directly when a security breach is detected - To fix the app behavior/code when application is raising security errors - To block user accounts which have been compromised by attackers - To reset account credentials that have suspicious activity - To update third-party dependencies that are vulnerable to known attacks

Pulse list.png

Digging into low level security events

Low level security events are available anytime in Security logs and events view. Security events can be sorted, filtered out, correlated by source IP, geography, types of events, etc.


Incidents notifications are sent directly by email, Slack notification, or any other integration you set up.