npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@seckav/security-sdk

v3.0.0

Published

Lightweight API Security SDK for Enterprises - One-click protection with rate limiting, threat detection, security analytics, and real-time monitoring for Express.js and Next.js applications

Downloads

91

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

seckavseckav

Keywords

api-securitysecurity-middlewarerate-limitingthreat-detectionexpress-securitynextjs-securityenterprise-securitystartup-securitymsme-securityapi-protectionsecurity-analyticsreal-time-monitoringddos-protectionmalicious-payload-detectionsql-injection-protectionxss-protectionsecurity-headersip-filteringgeo-blockinguser-agent-filteringsecurity-eventsfail-open-securitylightweight-securityone-click-securitydeveloper-friendlymiddlewareexpressnextjsseckavfirewallanalyticsmonitoring

Readme

SecKav Security SDK v3.0.0

Lightweight API Security for Enterprises - One-click protection for your APIs

npm version License: MIT TypeScript

🚀 Quick Start

Protect your APIs in under 2 minutes with just one line of code:

npm install @seckav/security-sdk
const express = require('express');
const { createSecKavMiddleware } = require('@seckav/security-sdk');

const app = express();

// One-line API security
app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
}));

// Your APIs are now protected!
app.get('/api/users', (req, res) => {
  res.json({ users: [] });
});

app.listen(3000);

🛡️ What It Protects Against

  • DDoS Attacks - Intelligent rate limiting with burst control
  • SQL Injection - Real-time malicious payload detection
  • XSS Attacks - Cross-site scripting prevention
  • Brute Force - IP-based attack mitigation
  • Suspicious Activity - Behavioral threat detection
  • Geo-based Threats - Country-level blocking
  • Bot Attacks - User-agent filtering

🏢 Perfect For

  • Startups - Get enterprise-grade security from day one
  • MSMEs - Affordable protection that scales with you
  • Enterprises - Lightweight security that doesn't slow you down
  • Developers - Security that's actually developer-friendly

🌟 Key Features

⚡ Lightning Fast Setup

  • One-line integration - No complex configuration
  • Framework agnostic - Works with Express.js, Next.js, and more
  • Zero dependencies - Minimal impact on your bundle size
  • TypeScript ready - Full type support included

🔒 Enterprise-Grade Security

  • Real-time threat detection - Stop attacks as they happen
  • Adaptive rate limiting - Smart throttling that learns
  • Security analytics - Detailed insights and reporting
  • Fail-open architecture - Never breaks your application

📊 Built-in Analytics

  • Request monitoring - Track API usage patterns
  • Security events - Real-time threat notifications
  • Performance metrics - Response time analysis
  • Geographic insights - See where requests come from

📖 Frameworks Supported

Express.js

const express = require('express');
const { createSecKavMiddleware } = require('@seckav/security-sdk');

const app = express();
app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
}));

Next.js

// middleware.js
import { createSecKavNextMiddleware } from '@seckav/security-sdk';

export default createSecKavNextMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
});

export const config = {
  matcher: '/api/:path*'
};

TypeScript

import { createSecKavMiddleware, SecKavConfig } from '@seckav/security-sdk';

const config: SecKavConfig = {
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  features: {
    rateLimit: true,
    security: true,
    analytics: true
  }
};

app.use(createSecKavMiddleware(config));

⚙️ Configuration Options

const config = {
  // Required
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  
  // Optional
  apiUrl: 'https://api.seckav.com',  // Custom API endpoint
  timeout: 5000,                     // Request timeout (ms)
  debug: false,                      // Enable debug logging
  
  // Features
  features: {
    rateLimit: true,                 // Enable rate limiting
    security: true,                  // Enable threat detection
    analytics: true,                 // Enable usage analytics
    encryption: false,               // Enable E2E encryption
    misconfigurationScanning: false  // Enable config scanning
  },
  
  // Error handling
  onError: (error) => {
    console.log('Security error:', error);
  }
};

🔧 Advanced Usage

Custom Rate Limiting

const sdk = new SecKavSDK({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id'
});

// Check rate limit manually
const result = await sdk.checkRateLimit('/api/endpoint', 'GET', 'client-id');
if (!result.allowed) {
  return res.status(429).json({ error: 'Rate limited' });
}

Security Settings

const securitySettings = await sdk.getSecuritySettings('your_jwt_token');
console.log('Current security configuration:', securitySettings);

Analytics Data

// Get SDK information
const info = sdk.getInfo();
console.log('Enabled features:', info.enabledFeatures);
console.log('SDK version:', info.version);

🚨 Error Handling

The SDK uses a fail-open architecture - if there's an error, your API continues to work:

app.use(createSecKavMiddleware({
  apiKey: 'your_api_key',
  organizationId: 'your_org_id',
  onError: (error) => {
    // Log errors but don't break the application
    console.error('SecKav error:', error.message);
    
    // Optional: Send to your monitoring service
    monitoring.reportError(error);
  }
}));

📈 Getting Started

1. Sign Up

Visit seckav.com to create your account

2. Create Organization

Set up your organization and get your API key

3. Install SDK

npm install @seckav/security-sdk

4. Integrate

Add one line of code to protect your APIs

5. Monitor

View real-time security analytics in your dashboard

🔍 Monitoring & Analytics

Once integrated, you'll get access to:

  • Real-time Security Dashboard - Live threat monitoring
  • API Usage Analytics - Request patterns and trends
  • Security Event Logs - Detailed attack information
  • Performance Metrics - Response time and throughput
  • Geographic Insights - Request origin mapping
  • Threat Intelligence - Attack pattern analysis

🛠️ Development

Local Development

app.use(createSecKavMiddleware({
  apiKey: 'sk_test_your_test_key',
  organizationId: 'org_test_your_org',
  debug: true  // Enable detailed logging
}));

Production

app.use(createSecKavMiddleware({
  apiKey: process.env.SECKAV_API_KEY,
  organizationId: process.env.SECKAV_ORG_ID,
  debug: false
}));

🤝 Support

📜 License

MIT License - see LICENSE file for details.

🚀 Why SecKav?

"Security shouldn't be an afterthought"

Most companies implement security after they've been attacked. SecKav lets you build security into your application from day one with:

  • Zero Configuration - Works out of the box
  • Enterprise Grade - Used by companies worldwide
  • Developer Friendly - Security that doesn't slow you down
  • Affordable - Pricing that scales with your business
  • Reliable - 99.9% uptime SLA
  • Global - Edge locations worldwide

Protect your APIs today. Start with SecKav.

Get Started → | View Docs → | See Pricing →