grizzly-sec
Advanced tools
Drop-in Express middleware for API documentation, live traffic analysis, and automated security anomaly detection.
Grizzly Sec is a drop-in Express middleware that automatically documents your API, monitors live traffic, detects security anomalies, and helps you secure your endpoints with minimal setup.
npm install grizzly-sec
const express = require('express');
const grizzlySec = require('grizzly-sec');
const app = express();
app.use(grizzlySec({
apiKey: 'your-api-key', // Required — get this from https://www.grizzly-sec.com
}));
app.get('/api/users/:id', (req, res) => {
res.json({ id: req.params.id, name: 'John Doe' });
});
app.listen(3000, () => {
console.log('Server listening on port 3000');
});
| Option | Type | Required | Description |
|---|---|---|---|
apiKey | String | Yes | Your API key from Grizzly Sec |
baseUrl | String | No | Override base URL used in tracking (defaults to inferred from request) |
excludedUrls | String[] | No | List of route patterns (glob syntax) to exclude from logging and tracking |
app.use(grizzlySec({
apiKey: 'your-api-key',
baseUrl: 'https://mywebsite.com',
excludedUrls: ['/health', '/internal/**','/api/project/*/docs']
}));
Grizzly Sec captures request and response data on every route, calculates payload sizes and response time, and sends the metadata securely to the Grizzly ingestion service. Sensitive headers are redacted, and excluded routes are bypassed for efficiency and privacy.
Data Protection: All request and response payloads are automatically censored before transmission. While we preserve the structure and keys of your data, all values are redacted with ***REDACTED*** to ensure no sensitive information is transmitted to our servers.
Header Filtering: Only essential headers (user-agent, content-type, accept) are transmitted in full. All other headers are redacted for privacy.
Grizzly Sec is provided "as is" without any warranties. We are not liable for any damages, data loss, or security incidents that may occur from the use of this software. Users are responsible for:
The automatic censoring of payloads is a privacy feature but does not guarantee complete data protection. Users should implement additional security measures as appropriate for their specific use cases.
For full documentation and feature guides, visit:
https://www.grizzly-sec.com/docs
MIT
Created by Rohan Chari
https://github.com/rohan-chari
FAQs
Drop-in Express middleware for API documentation, live traffic analysis, and automated security anomaly detection.
We found that grizzly-sec demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.
Security News
AGENTS.md is a fast-growing open format giving AI coding agents a shared, predictable way to understand project setup, style, and workflows.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.