SecureNative Docs
  • Docs
  • Site
  • Help

›Micro-Agents

Welcome

  • Introduction
  • Quick Start
  • How SecureNative works

Guides

  • Tracking Events
  • Authentication & API Key

Security Modules

  • Users Monitoring
  • Zero Trust Authentication
  • Fraud Detection
  • Account Takeover

Security Automation

  • Introduction
  • Security Flows
  • Security Flows API
  • Events
  • Rules

Using SecureNative

  • Dashboards
  • Security Events
  • Vulnerabilities
  • Security Headers
  • Users Monitoring
  • Inviting Team Members

Privacy

  • GDPR Compliance

Sources

  • JavaScript Agent

SDKS

  • SDK's
  • SDK Guide
  • SDK Tutorial
  • SDK Integration

Micro-Agents

  • Node.js
  • Java
  • Ruby
  • python
  • PHP
  • Go

Integrations

  • Webhooks
  • Slack
Edit

Java

Introduction

SecureNative Java agent provides application security monitoring and protection from OWASP TOP 10 security threats at run-time through dynamic instrumentation of business logic and user behavior.

Compatibility

The Java agent requires a specific framework to run since it's compatible with the framework you already use:

Java frameworks

However, for some advanced features a specific web framework is required. We support most of the popular web frameworks:

  • Spring (Servlets)
We constantly adding support for new frameworks, if your framework is missing, please contact us.

Java Versions

Java 8 is a minimum requirement

Operating Systems

There is no specific version requirement of operation system, only requirements enforced by node version compatibility, we also play nice with docker!

  • macOS
  • Linux
  • Windows

Installation

Please create a free account at register to get the API Key.

Install SecureNative package

Open your favorite terminal, navigate to your application folder and run the following command:

Download the agent:

  1. Go to https://search.maven.org/artifact/com.securenative.java/com.securenative.java
  2. Select the latest version
  3. Click on Downloads button and select the JAR
-javaagent:/path/to/securenative.jar
-Dsecurenative.apikey=<your secret key>
-Dsecurenative.appname=<your application name>

Configuration

Minimal Configuration

At minimum SECURENATIVE_API_KEY is required, you can pass it in multiple ways:

  1. As environment variable (recommended)
export SECURENATIVE_API_KEY="YOUR_SECRET_KEY_HERE"
  1. Using configuration file (choose this for development environment)
cat > securenative.env <<EOF
{
  "SECURENATIVE_APP_NAME": "YOUR_APPLICATION_NAME",
  "SECURENATIVE_API_KEY": "YOUR_API_KEY"
}
EOF

Advanced Configurations

Change those options only if you know what your are doing

OptionTypeOptionalDefault ValueDescription
SECURENATIVE_API_KEYstringfalsenoneSecureNative api key
SECURENATIVE_APP_NAMEstringfalsepackage.jsonName of application source
SECURENATIVE_API_URLstringtruehttps://api.securenative.com/v1/collectorDefault api base address
SECURENATIVE_INTERVALnumbertrue1000Default interval for SDK to try to persist events
SECURENATIVE_HEARTBEAT_INTERVALnumbertrue1000Default agent hearbeat interval
SECURENATIVE_MAX_EVENTSnumbertrue1000Max in-memory events queue
SECURENATIVE_TIMEOUTnumbertrue1500API call timeout in ms
SECURENATIVE_AUTO_SENDBooleantruetrueShould api auto send the events
SECURENATIVE_DISABLEBooleantruetrueAllow to disable agent functionality
SECURENATIVE_DEBUG_MODEBooleantruefalseDisplays debug info to stdout

Managing Agent

There are additional operations that you can perform to manage the agent

Disabling Agent

To disable the agent functionality you can set SECURENATIVE_DISABLE=true, this instructs the agent to disable all instrumentation functionality, that way the agent will not impact your application and won't need to remove the integration from your code

Updating Agent

To update the agent to the latest version, run the following command:

  1. Go to https://search.maven.org/artifact/com.securenative.java/com.securenative.java
  2. Select the latest version
  3. Click on Downloads button and select the JAR

We highly recommend updating your agent to get new features and performance improvements

Uninstalling Agent

To uninstall the SecureNative agent, remove the -javaagent parameter from the JVM command.

Last updated on 7/12/2020
← Node.jsRuby →
  • Introduction
  • Compatibility
    • Java frameworks
    • Java Versions
    • Operating Systems
  • Installation
    • Install SecureNative package
  • Configuration
    • Minimal Configuration
    • Advanced Configurations
  • Managing Agent
    • Disabling Agent
    • Updating Agent
    • Uninstalling Agent
SecureNative
© Copyright 2018 - 2020 SecureNative, Inc. | All Rights Reserved