Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

A core challenge for threat detection engineering is reproducing common attacker behavior. Several open source and commercial projects exist for traditional endpoint and on-premise security, but there is a clear need for a cloud-native tool built with cloud providers and infrastructure in mind. To meet this growing demand, we’re happy to announce Stratus Red Team, an open source project created to emulate common attack techniques directly in your cloud environment.

Since 2009, more than 12 years ago, all major Linux distributions have been incorporating a high severity security hole that remained unnoticed until just recently. The vulnerability and exploit, dubbed “PwnKit” (CVE-2021-4034), uses the vulnerable “pkexec” tool, and allows a local user to gain root system privileges on the affected host. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems.

Before we talk about design patterns for Open Policy Agent (OPA) (what they are, why they’re beneficial, what their key ideas are, and how you might try to see them in action with sample data/apps in Styra Declarative Authorization Service (DAS) Free), it’s helpful to start with some background. When we designed the OPA at Styra, we aimed to make it flexible enough to solve every authorization and policy problem in the cloud-native space (and beyond).

Building an application security program can be overwhelming. The steady stream of content encouraging teams to shift left is inspiring, but it doesn’t help you get started. Looking toward organizations with mature AppSec initiatives can make the gap seem insurmountable — all while an actionable plan remains elusive. Like anything else in software development, application security is a journey. A journey that’s much more enjoyable with some guiding principles.