DEV+SEC+OPS

DevSecOps in Your Terminal. Debug. Investigate. Secure.

One npm install. Investigate production bugs, catch hackers, and automate security — from your terminal or AI chat.

Easy enough for vibecoders. Powerful enough for security engineers.

Start FreeView on npm

Node.js · Next.js · Express · Fastify · NestJS · Koa · + 5 more

securenow cli

# investigate a production bug

$ securenow forensics "why is /checkout returning 500s?"

Found 34 errors on POST /api/checkout since 14:00...

# stream production errors

$ securenow logs --level error --minutes 30

# AI-analyze a suspicious trace

$ securenow traces analyze abc123

[AI] SQL injection payload detected in request body

# investigate & block an IP

$ securenow ip lookup 185.220.101.34

Verdict: MALICIOUS · Tor exit node · AbuseIPDB 100%

$ securenow blocklist add 185.220.101.34

IP blocked across all apps

BUILT FOR BOTH SIDES OF THE STACK

One Platform. Two Superpowers.

Whether you're debugging a production outage or investigating a hacking attempt, SecureNow gives you the data and the tools.

For Developers
Debug production, fast
Debug production errors with AI trace analysis
Stream logs by severity — filter errors, warnings, info
Trace any request end-to-end across services
Ask "why is /checkout failing?" in plain English
Pipe CLI output into Claude to investigate from your IDE
Discover all your API endpoints automatically
For Security Engineers
Investigate threats, respond instantly
Investigate hacking attempts with full request forensics
IP intelligence via AbuseIPDB + internal threat data
Natural-language forensic queries across all your data
Automated blocklist with AI-generated exclusion rules
Custom alert rules to Slack, email, and webhooks
Full request replay with automatic PII redaction
Start Free
VIBECODER APPROVED

Built for the Vibecoding Generation

You don't need to be a security expert. You don't even need to read the docs. Copy one prompt, paste it into Cursor, and your app is production-ready and secure.

Copy-Paste Setup

One prompt in Cursor or Claude. AI reads the SDK docs, runs login, sets env vars, and verifies — you just watch.

Zero Config Security

Auto-instrumentation captures every request, log, and trace. No middleware to write. No YAML files to edit. It just works.

Ask, Don't Google

"Why is /checkout returning 500?" — ask in plain English via CLI or AI chat. Get answers from your actual production data.

CLI That Speaks Human

No jq gymnastics. No grep pipelines. Just securenow forensics "what happened?" and get a real answer.

Ship Fast, Stay Safe

Vibe your way to a working app. SecureNow handles observability and security while you focus on building features.

AI Agent Has Your Back

An autonomous AI agent monitors your app 24/7 — detects anomalies, blocks bad IPs, and alerts you before users even notice.

Vibe first. Secure always.

You build the features. We handle the rest — traces, logs, threat detection, and incident response. All on autopilot.

CLI-FIRST WORKFLOW

Your Terminal Is Your Ops Center

Every feature accessible from the command line. Investigate bugs, hunt threats, take action — without leaving your terminal.

Investigate Bugs
securenow logs --level error

Stream production errors

securenow traces show <id>

Full request trace with spans

securenow traces analyze <id>

AI root cause analysis

securenow logs trace <id>

Logs correlated to a trace

Hunt Threats
securenow forensics "SQL injections today"

Natural-language queries

securenow ip lookup <ip>

IP reputation + geo + abuse

securenow ip traces <ip>

All traces from an IP

securenow issues list

Open security issues

Take Action
securenow blocklist add <ip>

Block an IP across all apps

securenow alerts rules

Manage alert rules

securenow issues resolve <id>

Close a security issue

securenow trusted add <ip>

Allowlist a trusted IP

Monitor
securenow status

Dashboard overview

securenow analytics

HTTP response analytics

securenow api-map list

Discovered API endpoints

securenow notifications list

Security notifications

Pipe into Claude. Script with --json. Automate everything.

Every command supports --json output. Feed results into Claude from Cursor, build CI/CD security gates, or create custom dashboards.

Install the CLI
THREE SUPERPOWERS

Investigate. Respond. Repeat.

From production debugging to attack investigation to automated response — all in one place.

Investigate Production Bugs

Trace any request end-to-end. Stream logs by severity. AI analyzes errors and shows root cause with stack traces and deployment correlation.

$ securenow logs --level error --minutes 60

$ securenow traces analyze abc123

[AI] TypeError at checkout.js:147 — null cart after v2.4.1 deploy

Investigate Security Threats

Natural-language forensic queries. IP reputation checks via AbuseIPDB. Correlate attack patterns across all your apps. Full request replay with PII redacted.

$ securenow forensics "SQL injections in the last hour"

$ securenow ip lookup 185.220.101.34

Verdict: MALICIOUS · Tor exit · 47 injection payloads

Automate Response

AI auto-blocks malicious IPs. Custom alert rules to Slack, email, and webhooks. Automation rules for remediation. Trusted IP allowlisting with one command.

$ securenow blocklist add 185.220.101.34

IP blocked across 3 apps

$ securenow alerts rules

5 active rules · Slack #security · email ops@

Start Free
AI FORENSICS CHAT

Chat With Your Production Data

Debug production errors, investigate attacks, and take action — all through conversation. Also available as securenow forensics in your terminal.

SecureNow AI · my-apiLIVE

Why is /api/checkout returning 500 errors since 2pm?

Found 34 errors on POST /api/checkout since 14:00:

TypeError31 occurrences

Cannot read property 'id' of undefined

at CheckoutService.process (checkout.js:147)

TimeoutError3 occurrences

Payment gateway timeout after 30s

The TypeError started after deploy v2.4.1 at 13:58. Likely a missing null check on the cart object.

Show me all SQL injection attempts in the last 24 hours

Found 67 injection attempts from 4 IPs:

IPAttemptsTarget
185.220.101.3447/api/users
45.134.26.9112/api/login
91.242.18.25/api/search
178.62.43.183/graphql

185.220.101.34 is a known Tor exit node (AbuseIPDB score: 100%). 45.134.26.91 is a known vulnerability scanner.

Block the top 2 IPs and set up a Slack alert for new injection attempts

2 IPs added to blocklist

Alert rule created → Slack #security

Both IPs are now blocked across your app. I also created an alert rule on the Tor exit node's /24 subnet — you'll get a Slack message if any IP from that range comes back.

Ask about errors, traffic, security, performance...

Same queries work in your terminal: securenow forensics "your question"

Try It Free
FULL PLATFORM

Everything DevSecOps Teams Need

Observe

Real-Time Traces

Every HTTP request captured end-to-end with headers, body, timing, IP, and response. Auto-instrumented via OpenTelemetry.

Structured Logs

Console output forwarded as OTLP logs, correlated with traces. Filter by severity, time, or trace ID.

API Map Discovery

Automatic discovery of all your API endpoints from traffic. Visualize routes, methods, and dependencies.

Response Analytics

Aggregated 2xx/3xx/4xx/5xx metrics. Spot error spikes, latency changes, and traffic anomalies at a glance.

Investigate

AI Trace Analysis

AI analyzes any trace for errors, security issues, and performance problems. Root cause with stack traces and recommendations.

NL Forensic Queries

Ask questions in plain English. The AI translates to SQL, runs against your data, and returns results. Save queries as alert rules.

IP Intelligence

Lookup any IP: geo, ISP, AbuseIPDB score, threat classification, all traces from that IP across your apps.

Request Forensics

Full request replay: headers, body (PII auto-redacted), timing, spans. Drill into any suspicious request end-to-end.

Respond

Auto-Blocklist

AI auto-blocks malicious IPs. Manage manually via CLI or dashboard. Duration, reason, and per-app scoping.

Alert Rules

Custom query-based alerts to Slack, email, and webhooks. Full attack context in every notification.

Automation Rules

Define automated response workflows. Threshold-based blocking, rate limiting, and escalation chains.

Issue Tracking

Security issues with severity levels, AI analysis, and lifecycle management. Resolve from dashboard or CLI.

Integrate

CLI with --json

Every command outputs structured JSON. Pipe into Claude, jq, or custom scripts. Build CI/CD security gates.

Cursor / Claude

Copy-paste one prompt to set up your project. AI reads the SDK, runs login, configures env, and verifies — automatically.

Slack / Email / Webhooks

Alert channels for every notification type. Full context in every alert. PagerDuty integration available.

11 Node.js Frameworks

Express, Fastify, NestJS, Koa, Hapi, h3, Hono, Polka, Micro, Feathers, and Next.js. PM2, Docker, serverless.

AI AGENT

Your App Gets Its Own AI DevSecOps Agent

Not just alerts. An autonomous agent that detects anomalies, investigates root causes, and responds — whether it's a production bug or a security threat.

Detect Anomalies

AI analyzes every trace for injection payloads, error spikes, latency anomalies, brute force patterns, and bot fingerprints in real time.

Investigate

Checks IP reputation, correlates errors with deployments, traces request paths, and builds a full investigation report with root cause.

Auto-Respond

Blocks malicious IPs, creates false-positive exclusions, suggests code fixes for errors. All configurable to your thresholds.

Alert Your Team

Slack, email, webhooks, PagerDuty. Every alert includes full context, AI-generated summary, and recommended actions.

All of this happens automatically — while you code

Or chat with your production data to investigate and take action yourself. Or use the CLI to do it from your terminal.

Start Free
FULL SETUP GUIDE

Choose Your Framework. Get Protected.

Pick your framework below for personalized setup steps — or just copy‑paste one prompt into Cursor and let AI handle the rest. Vibecoder‑friendly, zero config required.

Choose your framework and follow the integration steps below.

📦Install SecureNow + Express|30 seconds

Install SecureNow + Express

30s

Add SecureNow and Express dependencies to your project.

npm install --save securenow express
Verify Installation
npx securenow version
npx securenow help
What you get: Automatic HTTP instrumentation (traces), console log forwarding (logs), request body capture, client IP detection, and a CLI for managing your apps — all with zero code changes beyond the initial setup.
1 / 3
AI Setup

Or just copy‑paste this prompt and you're done

Paste into Cursor Agent or Claude. It handles login, app creation, env setup, and configuration automatically.

Prompt
Read the @node_modules/securenow package — look at register.js,
tracing.js, cli.js, and the .d.ts type files to understand all config.

Now set up SecureNow in my Express project end-to-end:

1. Run `npx securenow login` — opens my browser for OAuth.
   Wait for me to confirm.
2. Run `npx securenow apps create` to register my app
   (use my project name, pick default instance).
3. Run `npx securenow apps list --json` to get my APPID & INSTANCE.
4. Create .env using the values from step 3:
     SECURENOW_APPID=<from step 3>
     SECURENOW_INSTANCE=<from step 3>
     SECURENOW_LOGGING_ENABLED=1
     SECURENOW_CAPTURE_BODY=1
     SECURENOW_NO_UUID=1
     SECURENOW_TEST_SPAN=1
5. Create .env.example with placeholder values.
6. Ensure .env and .env.local are in .gitignore.
7. Add "start": "node -r securenow/register app.js" to package.json.
8. Run `npx securenow status` to verify the connection.

I only need to confirm the OAuth login — do everything else automatically.
Works with Cursor Agent mode, Claude, Windsurf, or any AI coding assistant that can read your project.
Total Setup Time: Under 5 minutes
DocsDashboardNPMHelp

Currently supports Node.js · More languages coming soon

🟢Node.jsAvailable Now
🐍Python
🔵Go
💎Ruby
Java
🔷.NET

Click any "Coming Soon" language to get notified when it's available

Simple, Transparent Pricing

Dedicated infrastructure for your data. Every plan includes real-time traces, AI forensics, full CLI access, and unlimited users on the CLI.

STARTER
$249/mo

2 vCPU · 4 GB RAM · 30 GB storage

Perfect for small teams getting started with production debugging and security monitoring.

  • 500K traces/day
  • 7-day trace retention
  • 30-day metric retention
  • 15-day log retention
  • Up to 5 team members
  • AI forensics + CLI
  • Real-time threat detection
  • Email support
Get Started
RECOMMENDED
PRO
$499/mo

4 vCPU · 8 GB RAM · 50 GB storage

For growing teams that need deeper visibility, longer retention, and custom alert rules.

  • 2M traces/day
  • 14-day trace retention
  • 30-day metric & log retention
  • Up to 15 team members
  • Everything in Starter
  • Custom alert rules
  • Full API access
  • Priority support
Get Started
BUSINESS
$999/mo

8 vCPU · 16 GB RAM · 80 GB storage

For large teams running production workloads that demand maximum retention and performance.

  • 5M traces/day
  • 30-day trace retention
  • 90-day metric retention
  • 60-day log retention
  • Up to 50 team members
  • Everything in Pro
  • Dedicated support & SLA
  • Custom integrations
Get Started

All plans include a dedicated instance with TLS encryption. Need a custom plan? Talk to us

FAQ

DevSecOps for Developers — Your Questions Answered

Code on screen

Production Bugs Don't Wait. Hackers Don't Either.

One npm install. Debug production issues, investigate threats, automate response — from your terminal or AI chat.

Start Free