FOR DEVELOPERS

Plug Security Into Your App. See Hackers. Let AI Stop Them.

One npm install. Zero code changes. Every request traced, every threat detected, every attacker blocked — automatically.

Start Protecting Your AppView on npm

Node.js · Next.js · Express · Fastify · NestJS · Koa

terminal

$ npm install securenow

$ node -r securenow/register app.js

 

[securenow] connected to app: my-api

[securenow] monitoring 247 endpoints

 

[securenow] threat detected: SQL injection from 185.220.101.x

[securenow] auto-blocked IP, alert sent to #security

8 min

Average time before a new web app gets its first automated probe

94%

Of web applications have critical security flaws (OWASP)

Users

Most devs find out about attacks from their users, not their tools

SecureNow gives you eyes on every request before attackers find what they're looking for.

BLIND vs. PROTECTED

You Ship Code. Hackers Probe It.

Most developers have zero visibility into who's hitting their endpoints. Attackers test your app for vulnerabilities long before you notice.

Without SecureNow
Flying blind
You deploy and hope for the best
No visibility into who's hitting your endpoints
SQL injection & XSS attempts go completely unnoticed
You find out about breaches from angry users
Debugging attacks means grepping prod logs at 3 AM
Every incident is manual firefighting
With SecureNow
Full visibility + AI protection
Every request traced — headers, body, IP, timing
Attackers spotted on their first probe
Real-time alerts to Slack, email, or webhooks
AI auto-blocks malicious IPs and rate-limits threats
Ask AI: "Who's attacking /login?" — instant answers
Automated blocklist and security rules — zero manual work
Start Free Trial
3 STEPS · 2 MINUTES

From npm install to Protected

No SDK configuration files. No code changes. No agents to deploy separately.

1

Install & Login

$ npm install securenow

$ npx securenow login

$ npx securenow apps create

30 seconds. Creates your app and gives you the env vars.

2

Start Your App

# Node.js

$ node -r securenow/register app.js

# Next.js

$ npx securenow init

$ npm run dev

Zero code changes. The preload flag instruments everything.

3

Hackers Get Caught

SQL Injection Detected

POST /api/users · 185.220.101.x · Russia

IP Auto-Blocked

Added to blocklist · Alert sent to #security

AI Investigation Complete

Threat score: 98/100 · Known scanner · Blocked across 3 apps

You get notified. AI handles the rest.

From npm install to protected in under 2 minutes. Zero code changes to your application.

Start Protecting Your App
AI AGENTIC PROTECTION

Your App Gets Its Own AI Security Agent

Not just alerts. An autonomous agent that detects, investigates, and responds to threats — while you sleep.

Detect Threats

AI analyzes every trace for injection payloads, brute force patterns, bot fingerprints, and anomalous behavior in real time.

Investigate IPs

Checks IP reputation via AbuseIPDB + internal threat intel. Correlates activity across all your registered apps.

Auto-Respond

Blocks malicious IPs, applies rate limits, creates false-positive exclusions. All configurable to your thresholds.

Alert You

Slack, email, webhooks, PagerDuty. Every alert includes full context and an AI-generated investigation summary.

All of this happens automatically — while you code

Or chat with your security data in plain English to investigate and take action yourself.

Start Protecting Your App
DEVELOPER FEATURES

Everything You Need to Secure Your App

Real-Time Threat Detection

SQL injection, XSS, brute force, credential stuffing, bot traffic — caught from trace data the moment it happens. SQL alert rules you define.

AI Auto-Response

Malicious IPs get blocked automatically. Rate limits applied. False positives handled with AI-generated exclusion rules.

Instant Alerts

Slack, email, webhooks, PagerDuty. Full attack context in every notification — IP, geo, attack type, severity, affected endpoint.

Chat With Your Logs

Ask AI anything about your app's traffic in plain English. "Show all 500 errors from China in the last hour." Instant results.

Full Request Forensics

Every trace captured: headers, body (PII auto-redacted), timing, IP intel. Drill into any suspicious request end-to-end.

CLI & Automation

npx securenow traces, blocklist add, alerts, forensics. Script your security workflows. Full REST API included.

CHAT WITH YOUR APP

Debug, Investigate, Protect — In Plain English

Ask AI anything about your app's traffic, errors, and security. It queries your traces and logs, shows results, and takes action.

SecureNow AI · my-apiLIVE

Why is /api/checkout returning 500 errors since 2pm?

Found 34 errors on POST /api/checkout since 14:00:

TypeError31 occurrences

Cannot read property 'id' of undefined

at CheckoutService.process (checkout.js:147)

TimeoutError3 occurrences

Payment gateway timeout after 30s

The TypeError started after deploy v2.4.1 at 13:58. Likely a missing null check on the cart object.

Show me who's been hitting my API the most today. Anything suspicious?

Top IPs today — 2 flagged as malicious:

IPReqsStatus
104.26.10.52,847Clean — Cloudflare
185.220.101.34412Malicious — Tor exit
13.107.42.14389Clean — Microsoft
45.134.26.91156Malicious — Scanner

185.220.101.34 sent 47 SQL injection payloads to /api/users. 45.134.26.91 probed /.env, /wp-admin, /.git/config.

Block both malicious IPs and notify me on Slack if they try again

2 IPs added to blocklist

Slack alert rule → #dev-security

Both IPs are now blocked across your app. I also created an alert rule on the Tor exit node's /24 subnet — you'll get a Slack message if any IP from that range comes back.

Ask about errors, traffic, security, performance...

Debug errors, investigate traffic, block attackers — all through conversation.

Try It Free
FULL SETUP GUIDE

From Install to Protected

Step-by-step walkthrough: install the SDK, configure your environment, start your app, and verify everything is working.

Choose your framework and follow the integration steps below.

📦Install SecureNow + Express|30 seconds

Install SecureNow + Express

30s

Add SecureNow and Express dependencies to your project.

npm install --save securenow express
Verify Installation
npx securenow version
npx securenow help
What you get: Automatic HTTP instrumentation (traces), console log forwarding (logs), request body capture, client IP detection, and a CLI for managing your apps — all with zero code changes beyond the initial setup.

Zero-Effort Setup — Let AI Do EverythingCursor / Claude

After installing, paste this prompt into Cursor Agent or Claude. It will run all the CLI commands, authenticate you (you just confirm the browser login), create your app, and configure your entire project automatically.

Paste this prompt in Cursor Agent mode
Read the @node_modules/securenow package — look at register.js,
tracing.js, cli.js, and the .d.ts type files to understand all config.

Now set up SecureNow in my Express project end-to-end:

1. Run `npx securenow login` — opens my browser for OAuth.
   Wait for me to confirm.
2. Run `npx securenow apps create` to register my app
   (use my project name, pick default instance).
3. Run `npx securenow apps list --json` to get my APPID & INSTANCE.
4. Create .env using the values from step 3:
     SECURENOW_APPID=<from step 3>
     SECURENOW_INSTANCE=<from step 3>
     SECURENOW_LOGGING_ENABLED=1
     SECURENOW_CAPTURE_BODY=1
     SECURENOW_NO_UUID=1
     SECURENOW_TEST_SPAN=1
5. Create .env.example with placeholder values.
6. Ensure .env and .env.local are in .gitignore.
7. Add "start": "node -r securenow/register app.js" to package.json.
8. Run `npx securenow status` to verify the connection.

I only need to confirm the OAuth login — do everything else automatically.
Use Cursor Agent mode (Cmd+I / Ctrl+I) so it can run terminal commands. The @node_modules/securenow reference gives the AI direct access to the SDK source. You'll only be prompted once — to confirm the OAuth login in your browser.
1 / 3
Total Setup Time: Under 5 minutes
DocsDashboardNPMHelp

Currently supports Node.js · More languages coming soon

🟢Node.jsAvailable Now
🐍Python
🔵Go
💎Ruby
Java
🔷.NET

Click any "Coming Soon" language to get notified when it's available

Simple, Transparent Pricing

Dedicated infrastructure for your security data. Every plan includes real-time threat detection, AI forensics, and full CLI access.

STARTER
$249/mo

2 vCPU · 4 GB RAM · 30 GB storage

Perfect for small teams and startups getting started with application security monitoring.

  • 500K traces/day
  • 7-day trace retention
  • 30-day metric retention
  • 15-day log retention
  • Up to 5 team members
  • Real-time threat detection
  • AI-powered forensics
  • Email support
Get Started
RECOMMENDED
PRO
$499/mo

4 vCPU · 8 GB RAM · 50 GB storage

For growing companies that need deeper visibility and longer data retention.

  • 2M traces/day
  • 14-day trace retention
  • 30-day metric & log retention
  • Up to 15 team members
  • Everything in Starter
  • Custom alert rules
  • Full API access
  • Priority support
Get Started
BUSINESS
$999/mo

8 vCPU · 16 GB RAM · 80 GB storage

For large teams running production workloads that demand maximum retention and performance.

  • 5M traces/day
  • 30-day trace retention
  • 90-day metric retention
  • 60-day log retention
  • Up to 50 team members
  • Everything in Pro
  • Dedicated support & SLA
  • Custom integrations
Get Started

All plans include a dedicated instance with TLS encryption. Need a custom plan? Talk to us

DEVELOPER FAQ

Security Monitoring for Developers — Your Questions Answered

Code on screen

Hackers Don't Wait. Neither Should You.

One npm install. Real-time threat detection. AI-powered protection. Free to start.

Start Protecting Your App