A Cloud-Native Security Monitoring and Protection for Modern Applications
Documentation |
Quick Start |
Blog |
Chat with us on Slack!
[SecureNative](https://www.securenative.com/) performs user monitoring by analyzing user interactions with your application and various factors such as network, devices, locations and access patterns to stop and prevent account takeover attacks.
## Install the SDK
Add this line to your application's Gemfile:
```ruby
gem 'securenative'
```
Then execute:
$ bundle install
Or install it yourself as:
$ gem install securenative
## Initialize the SDK
To get your *API KEY*, login to your SecureNative account and go to project settings page:
### Option 1: Initialize via Config file
SecureNative can automatically load your config from *securenative.yml* file or from the file that is specified in your *SECURENATIVE_CONFIG_FILE* env variable:
```ruby
require 'securenative'
secureative = SecureNative.init
```
### Option 2: Initialize via API Key
```ruby
require 'securenative'
securenative = SecureNative.init_with_api_key('YOUR_API_KEY')
```
### Option 3: Initialize via ConfigurationBuilder
```ruby
require 'securenative'
options = ConfigurationBuilder.new(api_key: 'API_KEY', max_events: 10, log_level: 'ERROR')
SecureNative.init_with_options(options)
```
## Getting SecureNative instance
Once initialized, sdk will create a singleton instance which you can get:
```ruby
require 'securenative'
secureNative = SecureNative.instance
```
## Tracking events
Once the SDK has been initialized, tracking requests sent through the SDK
instance. Make sure you build event with the EventBuilder:
```ruby
require 'securenative'
require 'models/event_options'
require 'enums/event_types'
require 'models/user_traits'
def track
securenative = SecureNative.instance
context = SecureNativeContext.new(client_token: 'SECURED_CLIENT_TOKEN', ip: '127.0.0.1',
headers: { 'user-agent' => 'Mozilla: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.3 Mozilla/5.0 (Macintosh; Intel Mac OS X x.y; rv:42.0) Gecko/20100101 Firefox/43.4' })
event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
securenative.track(event_options)
@message = 'tracked'
end
```
You can also create request context from requests:
```ruby
require 'securenative'
require 'models/event_options'
require 'enums/event_types'
require 'models/user_traits'
def track(request)
securenative = SecureNative.instance
context = SecureNativeContext.from_http_request(request)
event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
securenative.track(event_options)
@message = 'tracked'
end
```
## Verify events
**Example**
```ruby
require 'securenative'
require 'models/event_options'
require 'enums/event_types'
require 'models/user_traits'
def verify(request)
securenative = SecureNative.instance
context = SecureNativeContext.from_http_request(request)
event_options = EventOptions.new(event: EventTypes::LOG_IN, user_id: '1234', context: context,
user_traits: UserTraits.new(name: 'Your Name', email: 'name@gmail.com', phone: '+1234567890'),
properties: { custom_param1: 'CUSTOM_PARAM_VALUE', custom_param2: true, custom_param3: 3 })
verify_result = securenative.verify(event_options)
verify_result.risk_level # Low, Medium, High
verify_result.score # Risk score: 0 -1 (0 - Very Low, 1 - Very High)
verify_result.triggers # ["TOR", "New IP", "New City"]
end
```
## Webhook signature verification
Apply our filter to verify the request is from us, for example:
```ruby
require 'securenative'
def webhook_endpoint(request)
securenative = SecureNative.instance
# Checks if request is verified
is_verified = securenative.verify_request_payload(request)
end
```