Repository files navigation

After performance monitoring (APM), error and log monitoring it’s time to add asecurity component into your app. Sqreen’s microagent automatically monitorssensitive app’s routines, blocks attacks and reports actionable infos to yourdashboard.

Sqreen provides automatic defense against attacks:

• Protect with security modules: RASP (Runtime Application Self-Protection),in-app WAF (Web Application Firewall), Account takeovers and more.

• Sqreen’s modules adapt to your application stack with no need ofconfiguration.

• Prevent attacks from the OWASP Top 10 (Injections, XSS and more), 0-days, dataLeaks, and more.

• Create security automation playbooks that automatically react against youradvanced business-logic threats.

For more details, visitsqreen.com

1. Use the middleware function for the Go web framework you use:

   • net/http
   • Gin
   • Echo

   If your framework is not listed, it is usually possible to use instead thestandardnet/http middleware. If not, please, let us knowbycreating an issue.

2. Compile your program with Sqreen

   Sqreen's dynamic configuration of your protection is made possible thanks toGo instrumentation. It is safely performed at compilation time by thefollowing instrumentation tool.

   Install the following instrumentation tool and compile your program using itin order to enable Sqreen.

   1. Usego install to compile the instrumentation tool:

      $go install github.com/sqreen/go-agent/sdk/sqreen-instrumentation-tool

      By default, the resultingsqreen-instrumentation-tool tool is installedin thebin directory of theGOPATH. You can find it usinggo env GOPATH.

   2. Configure the Go toolchain to use it:

      Use the instrumentation tool using the go options-a -toolexec /path/to/sqreen-instrumentation-tool.

      It can be done either in your Go compilation command lines or by settingtheGOFLAGS environment variable.

      For example, the following two commands are equivalent:

      $go build -a -toolexec$(go env GOPATH)/bin/sqreen-instrumentation-tool my-project$env GOFLAGS="-a -toolexec$(go env GOPATH)/bin/sqreen-instrumentation-tool" go build my-project

3. Signup to Sqreen to get your app credentials:

   app_name: Your Go app nametoken: your token

   This file can be stored in your current working directory when starting theexecutable, the same directory as your app's executable file, or in any otherpath by defining the configuration file location into the environmentvariableSQREEN_CONFIG_FILE.

Congratulations, your Go web application is now protected by Sqreen!

Optionally, use the SDK toperformuser monitoringorcustom security events you wouldlike to track and possibly block.