JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 5
  • Score
    100M100P100Q44335F
  • License MIT

Lightweight API Security SDK for Enterprises - One-click protection with rate limiting, threat detection, security analytics, and real-time monitoring for Express.js and Next.js applications

Package Exports

  • @seckav/security-sdk
  • @seckav/security-sdk/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@seckav/security-sdk) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

SecKav Security SDK v3.0.0

Lightweight API Security for Enterprises - One-click protection for your APIs

npm version License: MIT TypeScript

🚀 Quick Start

Protect your APIs in under 2 minutes with just one line of code:

npm install @seckav/security-sdk
const express = require('express');
const { createSecKavMiddleware } = require('@seckav/security-sdk');

const app = express();

// One-line API security
app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
}));

// Your APIs are now protected!
app.get('/api/users', (req, res) => {
  res.json({ users: [] });
});

app.listen(3000);

🛡️ What It Protects Against

  • DDoS Attacks - Intelligent rate limiting with burst control
  • SQL Injection - Real-time malicious payload detection
  • XSS Attacks - Cross-site scripting prevention
  • Brute Force - IP-based attack mitigation
  • Suspicious Activity - Behavioral threat detection
  • Geo-based Threats - Country-level blocking
  • Bot Attacks - User-agent filtering

🏢 Perfect For

  • Startups - Get enterprise-grade security from day one
  • MSMEs - Affordable protection that scales with you
  • Enterprises - Lightweight security that doesn't slow you down
  • Developers - Security that's actually developer-friendly

🌟 Key Features

⚡ Lightning Fast Setup

  • One-line integration - No complex configuration
  • Framework agnostic - Works with Express.js, Next.js, and more
  • Zero dependencies - Minimal impact on your bundle size
  • TypeScript ready - Full type support included

🔒 Enterprise-Grade Security

  • Real-time threat detection - Stop attacks as they happen
  • Adaptive rate limiting - Smart throttling that learns
  • Security analytics - Detailed insights and reporting
  • Fail-open architecture - Never breaks your application

📊 Built-in Analytics

  • Request monitoring - Track API usage patterns
  • Security events - Real-time threat notifications
  • Performance metrics - Response time analysis
  • Geographic insights - See where requests come from

📖 Frameworks Supported

Express.js

const express = require('express');
const { createSecKavMiddleware } = require('@seckav/security-sdk');

const app = express();
app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
}));

Next.js

// middleware.js
import { createSecKavNextMiddleware } from '@seckav/security-sdk';

export default createSecKavNextMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
});

export const config = {
  matcher: '/api/:path*'
};

TypeScript

import { createSecKavMiddleware, SecKavConfig } from '@seckav/security-sdk';

const config: SecKavConfig = {
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  features: {
    rateLimit: true,
    security: true,
    analytics: true
  }
};

app.use(createSecKavMiddleware(config));

⚙️ Configuration Options

const config = {
  // Required
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  
  // Optional
  apiUrl: 'https://api.seckav.com',  // Custom API endpoint
  timeout: 5000,                     // Request timeout (ms)
  debug: false,                      // Enable debug logging
  
  // Features
  features: {
    rateLimit: true,                 // Enable rate limiting
    security: true,                  // Enable threat detection
    analytics: true,                 // Enable usage analytics
    encryption: false,               // Enable E2E encryption
    misconfigurationScanning: false  // Enable config scanning
  },
  
  // Error handling
  onError: (error) => {
    console.log('Security error:', error);
  }
};

🔧 Advanced Usage

Custom Rate Limiting

const sdk = new SecKavSDK({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
});

// Check rate limit manually
const result = await sdk.checkRateLimit('/api/endpoint', 'GET', 'client-id');
if (!result.allowed) {
  return res.status(429).json({ error: 'Rate limited' });
}

Security Settings

const securitySettings = await sdk.getSecuritySettings('your_jwt_token');
console.log('Current security configuration:', securitySettings);

Analytics Data

// Get SDK information
const info = sdk.getInfo();
console.log('Enabled features:', info.enabledFeatures);
console.log('SDK version:', info.version);

🚨 Error Handling

The SDK uses a fail-open architecture - if there's an error, your API continues to work:

app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  onError: (error) => {
    // Log errors but don't break the application
    console.error('SecKav error:', error.message);
    
    // Optional: Send to your monitoring service
    monitoring.reportError(error);
  }
}));

📈 Getting Started

1. Sign Up

Visit seckav.com to create your account

2. Create Organization

Set up your organization and get your API key

3. Install SDK

npm install @seckav/security-sdk

4. Integrate

Add one line of code to protect your APIs

5. Monitor

View real-time security analytics in your dashboard

🔍 Monitoring & Analytics

Once integrated, you'll get access to:

  • Real-time Security Dashboard - Live threat monitoring
  • API Usage Analytics - Request patterns and trends
  • Security Event Logs - Detailed attack information
  • Performance Metrics - Response time and throughput
  • Geographic Insights - Request origin mapping
  • Threat Intelligence - Attack pattern analysis

🛠️ Development

Local Development

app.use(createSecKavMiddleware({
  apiKey: 'sk_test_your_test_key',
  organizationId: 'org_test_your_org',
  debug: true  // Enable detailed logging
}));

Production

app.use(createSecKavMiddleware({
  apiKey: process.env.SECKAV_API_KEY,
  organizationId: process.env.SECKAV_ORG_ID,
  debug: false
}));

🤝 Support

📜 License

MIT License - see LICENSE file for details.

🚀 Why SecKav?

"Security shouldn't be an afterthought"

Most companies implement security after they've been attacked. SecKav lets you build security into your application from day one with:

  • Zero Configuration - Works out of the box
  • Enterprise Grade - Used by companies worldwide
  • Developer Friendly - Security that doesn't slow you down
  • Affordable - Pricing that scales with your business
  • Reliable - 99.9% uptime SLA
  • Global - Edge locations worldwide

Protect your APIs today. Start with SecKav.

Get Started → | View Docs → | See Pricing →