@seckav/security-sdk

SecKav Security SDK v3.0.0

Lightweight API Security for Enterprises - One-click protection for your APIs

🚀 Quick Start

Protect your APIs in under 2 minutes with just one line of code:

npm install @seckav/security-sdk

const express = require('express');
const { createSecKavMiddleware } = require('@seckav/security-sdk');

const app = express();

// One-line API security
app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
}));

// Your APIs are now protected!
app.get('/api/users', (req, res) => {
  res.json({ users: [] });
});

app.listen(3000);

🛡️ What It Protects Against

• DDoS Attacks - Intelligent rate limiting with burst control
• SQL Injection - Real-time malicious payload detection
• XSS Attacks - Cross-site scripting prevention
• Brute Force - IP-based attack mitigation
• Suspicious Activity - Behavioral threat detection
• Geo-based Threats - Country-level blocking
• Bot Attacks - User-agent filtering

🏢 Perfect For

• Startups - Get enterprise-grade security from day one
• MSMEs - Affordable protection that scales with you
• Enterprises - Lightweight security that doesn't slow you down
• Developers - Security that's actually developer-friendly

🌟 Key Features

⚡ Lightning Fast Setup

• One-line integration - No complex configuration
• Framework agnostic - Works with Express.js, Next.js, and more
• Zero dependencies - Minimal impact on your bundle size
• TypeScript ready - Full type support included

🔒 Enterprise-Grade Security

• Real-time threat detection - Stop attacks as they happen
• Adaptive rate limiting - Smart throttling that learns
• Security analytics - Detailed insights and reporting
• Fail-open architecture - Never breaks your application

📊 Built-in Analytics

• Request monitoring - Track API usage patterns
• Security events - Real-time threat notifications
• Performance metrics - Response time analysis
• Geographic insights - See where requests come from

📖 Frameworks Supported

Express.js

const express = require('express');
const { createSecKavMiddleware } = require('@seckav/security-sdk');

const app = express();
app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
}));

Next.js

// middleware.js
import { createSecKavNextMiddleware } from '@seckav/security-sdk';

export default createSecKavNextMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
});

export const config = {
  matcher: '/api/:path*'
};

TypeScript

import { createSecKavMiddleware, SecKavConfig } from '@seckav/security-sdk';

const config: SecKavConfig = {
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  features: {
    rateLimit: true,
    security: true,
    analytics: true
  }
};

app.use(createSecKavMiddleware(config));

⚙️ Configuration Options

const config = {
  // Required
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  
  // Optional
  apiUrl: 'https://api.seckav.com',  // Custom API endpoint
  timeout: 5000,                     // Request timeout (ms)
  debug: false,                      // Enable debug logging
  
  // Features
  features: {
    rateLimit: true,                 // Enable rate limiting
    security: true,                  // Enable threat detection
    analytics: true,                 // Enable usage analytics
    encryption: false,               // Enable E2E encryption
    misconfigurationScanning: false  // Enable config scanning
  },
  
  // Error handling
  onError: (error) => {
    console.log('Security error:', error);
  }
};

🔧 Advanced Usage

Custom Rate Limiting

const sdk = new SecKavSDK({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
});

// Check rate limit manually
const result = await sdk.checkRateLimit('/api/endpoint', 'GET', 'client-id');
if (!result.allowed) {
  return res.status(429).json({ error: 'Rate limited' });
}

Security Settings

const securitySettings = await sdk.getSecuritySettings('your_jwt_token');
console.log('Current security configuration:', securitySettings);

Analytics Data

// Get SDK information
const info = sdk.getInfo();
console.log('Enabled features:', info.enabledFeatures);
console.log('SDK version:', info.version);

🚨 Error Handling

The SDK uses a fail-open architecture - if there's an error, your API continues to work:

app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  onError: (error) => {
    // Log errors but don't break the application
    console.error('SecKav error:', error.message);
    
    // Optional: Send to your monitoring service
    monitoring.reportError(error);
  }
}));

📈 Getting Started

1. Sign Up

Visit seckav.com to create your account

2. Create Organization

Set up your organization and get your API key

3. Install SDK

npm install @seckav/security-sdk

4. Integrate

Add one line of code to protect your APIs

5. Monitor

View real-time security analytics in your dashboard

🔍 Monitoring & Analytics

Once integrated, you'll get access to:

• Real-time Security Dashboard - Live threat monitoring
• API Usage Analytics - Request patterns and trends
• Security Event Logs - Detailed attack information
• Performance Metrics - Response time and throughput
• Geographic Insights - Request origin mapping
• Threat Intelligence - Attack pattern analysis

🛠️ Development

Local Development

app.use(createSecKavMiddleware({
  apiKey: 'sk_test_your_test_key',
  organizationId: 'org_test_your_org',
  debug: true  // Enable detailed logging
}));

Production

app.use(createSecKavMiddleware({
  apiKey: process.env.SECKAV_API_KEY,
  organizationId: process.env.SECKAV_ORG_ID,
  debug: false
}));

🤝 Support

• Documentation: docs.seckav.com
• Support Email: support@seckav.com
• GitHub Issues: github.com/seckav/security-sdk/issues
• Community: community.seckav.com

📜 License

MIT License - see LICENSE file for details.

🚀 Why SecKav?

"Security shouldn't be an afterthought"

Most companies implement security after they've been attacked. SecKav lets you build security into your application from day one with:

• ✅ Zero Configuration - Works out of the box
• ✅ Enterprise Grade - Used by companies worldwide
• ✅ Developer Friendly - Security that doesn't slow you down
• ✅ Affordable - Pricing that scales with your business
• ✅ Reliable - 99.9% uptime SLA
• ✅ Global - Edge locations worldwide

Protect your APIs today. Start with SecKav.

Get Started → | View Docs → | See Pricing →