
grizzly-sec
Drop-in Express middleware for API documentation, live traffic analysis, and automated security anomaly detection.
Grizzly Sec is a drop-in Express middleware that automatically documents your API, monitors live traffic, detects security anomalies, and helps you secure your endpoints with minimal setup.
```bash
npm install grizzly-sec
```
```javascript
const express = require('express');
const grizzlySec = require('grizzly-sec');

const app = express();

// Register the middleware before your routes so every request passes through it.
app.use(grizzlySec({
  // Required. Obtain it from https://www.grizzly-sec.com and load it from an
  // environment variable or secret store rather than committing a literal key.
  apiKey: 'your-api-key',
}));

app.get('/api/users/:id', (req, res) => {
  res.json({ id: req.params.id, name: 'John Doe' });
});

app.listen(3000, () => {
  console.log('Server listening on port 3000');
});
```
| Option | Type | Required | Description |
|---|---|---|---|
| `apiKey` | String | Yes | Your API key from Grizzly Sec |
| `baseUrl` | String | No | Overrides the base URL used in tracking (defaults to the value inferred from the request) |
| `excludedUrls` | String[] | No | Route patterns (glob syntax) to exclude from logging and tracking |
```javascript
app.use(grizzlySec({
  apiKey: 'your-api-key',
  baseUrl: 'https://mywebsite.com',
  excludedUrls: ['/health', '/internal/**', '/api/project/*/docs'],
}));
```
Grizzly Sec captures request and response data on every route, calculates payload sizes and response time, and sends the metadata securely to the Grizzly ingestion service. Sensitive headers are redacted, and excluded routes are skipped entirely, for efficiency and privacy.

- **Data Protection:** All request and response payloads are censored before transmission. The structure and keys of your data are preserved, but every value is replaced with `***REDACTED***`, so field values are never transmitted to our servers (field names and nesting are).
- **Header Filtering:** Only essential headers (`user-agent`, `content-type`, `accept`) are transmitted in full. All other headers are redacted for privacy.
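To make the two rules above concrete, here is an added example that is not grizzly-sec's own code: a redaction pass that replaces every JSON value with `***REDACTED***` while keeping keys and nesting, and a header allowlist that passes only `user-agent`, `content-type` and `accept` through. It also redacts query-string values, which the page does not mention, and assembles an illustrative telemetry record whose shape is an assumption, since the real wire format is not documented here. The sample request and response are constructed for the demo, and names such as `buildTelemetry` are illustrative.

```javascript
// Added example, not grizzly-sec's own code. It reproduces the two rules the
// page describes (values redacted, keys and structure kept; three headers
// passed through) and additionally redacts query-string values.
const REDACTED = '***REDACTED***';
const PASSTHROUGH_HEADERS = new Set(['user-agent', 'content-type', 'accept']);

// Walk a decoded JSON body, keep keys and nesting, replace every leaf value.
function redactValues(value) {
  if (Array.isArray(value)) return value.map(redactValues);
  if (value !== null && typeof value === 'object') {
    const out = {};
    for (const [k, v] of Object.entries(value)) out[k] = redactValues(v);
    return out;
  }
  return REDACTED; // strings, numbers, booleans and null are all collapsed
}

// Lower-case header names, pass the allowlisted ones through, redact the rest.
function filterHeaders(headers) {
  const out = {};
  for (const [name, v] of Object.entries(headers)) {
    const lower = name.toLowerCase();
    out[lower] = PASSTHROUGH_HEADERS.has(lower) ? v : REDACTED;
  }
  return out;
}

// Byte size of the JSON-encoded payload, measured before redaction.
function payloadBytes(body) {
  return body === undefined ? 0 : Buffer.byteLength(JSON.stringify(body));
}

// Assemble the record that would be shipped to the ingestion service.
// Illustrative shape (assumption); the real wire format is not on this page.
function buildTelemetry(req, res, durationMs) {
  return {
    request: {
      method: req.method,
      path: req.path, // path parameters such as /api/users/123 are NOT redacted
      query: redactValues(req.query || {}),
      headers: filterHeaders(req.headers || {}),
      body: req.body === undefined ? undefined : redactValues(req.body),
      bodyBytes: payloadBytes(req.body),
    },
    response: {
      statusCode: res.statusCode,
      body: res.body === undefined ? undefined : redactValues(res.body),
      bodyBytes: payloadBytes(res.body),
    },
    durationMs,
  };
}

// Constructed sample request and response for the demo.
const SAMPLE_REQ = {
  method: 'POST',
  path: '/api/users/123',
  query: { token: 'abc' },
  headers: {
    'User-Agent': 'curl/8.4',
    'Content-Type': 'application/json',
    Authorization: 'Bearer secret',
    Cookie: 'sid=1',
  },
  body: { email: 'alice@example.com', password: 'hunter2' },
};
const SAMPLE_RES = { statusCode: 200, body: { id: 123, name: 'John Doe' } };

function sampleTelemetry() {
  return buildTelemetry(SAMPLE_REQ, SAMPLE_RES, 12);
}

console.log(JSON.stringify(sampleTelemetry(), null, 2));
```

What survives redaction is still informative: the field names (`email`, `password`), the request path including any path parameters, the method, status code, sizes and timing. If a route carries an identifier or token in the path, add it to `excludedUrls` or move it out of the path, because value redaction does not touch it.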
Grizzly Sec is provided "as is" without any warranties. We are not liable for any damages, data loss, or security incidents that may occur from the use of this software. Users are responsible for:
The automatic censoring of payloads is a privacy feature but does not guarantee complete data protection. Users should implement additional security measures as appropriate for their specific use cases.
For full documentation and feature guides, visit:
https://www.grizzly-sec.com/docs
MIT
Created by Rohan Chari
https://github.com/rohan-chari
FAQs
The npm package grizzly-sec receives a total of 13 weekly downloads. As such, grizzly-sec popularity was classified as not popular.
We found that grizzly-sec demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.