A Cloud-Native Security Monitoring and Protection for Modern Applications
Documentation | Quick Start | Blog | Chat with us on Slack!
SecureNative performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
Install the SDK
Navigate to your application project folder and enter:
npm i @securenative/sdkVerify that @securenative/sdk appears in your package to your package.json.
Initialize the SDK
To get your API KEY, login to your SecureNative account and go to project settings page:
import { SecureNative, EventTypes } from "@securenative/sdk";
or;
const { SecureNative, EventTypes } = require("@securenative/sdk"); // if your using ES5Option 1: Initialize via Config file
SecureNative can automatically load your config from securenative.json that you can add to your application folder.
cat > securenative.json <<EOF
{
"SECURENATIVE_APP_NAME": "YOUR_APPLICATION_NAME",
"SECURENATIVE_API_KEY": "YOUR_API_KEY"
}
EOFOption 2: Initialize via config options
SecureNative.init({ apiKey: "Your API_KEY" });Getting SecureNative instance
Once initialized, sdk will create a singleton instance which you can get:
const secureNative = SecureNative.getInstance();Tracking events
Once the SDK has been initialized, tracking requests sent through the SDK instance. Make sure you build event with the EventBuilder:
import { SecureNative, EventTypes, contextFromRequest } from "@securenative/sdk";
secureNative.track({
event: EventTypes.LOG_IN,
userId: '1234',
userTraits: {
name: 'Your Name',
email: 'name@gmail.com',
phone: '+1234567890'
},
context: contextFromRequest(req)
});If you don't have acess to request object you can construct the context manually:
secureNative.track({
event: EventTypes.LOG_IN,
userId: '1234',
userTraits: {
name: 'Your Name',
email: 'name@gmail.com',
phone: '+1234567890'
},
context: {
ip: '10.0.0.0',
clientToken: 'Token from client',
headers: {
"user-agent": 'Mozilla/5.0 (iPad; U; CPU OS 3_2_1 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Mobile/7B405"'
}
}
});Verify events
const verifyResult = await secureNative.verify({
event: EventTypes.LOG_IN,
userId: '1234',
userTraits: {
name: 'Your Name',
email: 'name@gmail.com',
phone: '+1234567890'
},
context: contextFromRequest(req)
})
verifyResult.riskLevel // Low, Medium, High
verifyResult.score // Risk score: 0 -1 (0 - Very Low, 1 - Very High)
verifyResult.triggers // ["TOR", "New IP", "New City"]
}Configuration
| Option | Type | Optional | Default Value | Description |
|---|---|---|---|---|
| SECURENATIVE_API_KEY | string | false | none | SecureNative api key |
| SECURENATIVE_APP_NAME | string | false | package.json | Name of application source |
| SECURENATIVE_API_URL | string | true | https://api.securenative.com/v1/collector | Default api base address |
| SECURENATIVE_INTERVAL | number | true | 1000 | Default interval for SDK to try to persist events |
| SECURENATIVE_MAX_EVENTS | number | true | 1000 | Max in-memory events queue |
| SECURENATIVE_TIMEOUT | number | true | 1500 | API call timeout in ms |
| SECURENATIVE_AUTO_SEND | Boolean | true | true | Should api auto send the events |
| SECURENATIVE_DISABLE | Boolean | true | true | Allow to disable agent functionality |
| SECURENATIVE_LOG_LEVEL | string | true | fatal | Displays debug info to stdout |
Compatibility
This agent is compatible with Node.js 8 and higher.
For other compatibility related information, please visit the compatibility page.
Documentation
For more details, please visit documentation page, available on docs.securenative.com.