Application Security

Underrated features in security tools

September 14, 2022

Here are a few features in security tools I have been using over the last couple of months that I thought were dope!

1. Semgrep

I love Semgrep's taint mode. It is a data-flow analysis: you declare sources (where untrusted data enters, such as a request parameter), sinks (dangerous functions such as eval or its equivalents) and optionally sanitizers, and Semgrep reports every path along which data from a source reaches a sink, following it through assignments, string concatenation and function arguments. Example: user input that ends up in an eval or equivalent function.
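
The source-to-sink flow described above, as an added example rather than anything from the original post: the script writes a small taint-mode rule and a Flask target file, then runs Semgrep over them when it is installed. The rule id, the file names, the `flask.request.args.get(...)` source and the `int(...)` sanitizer are illustrative choices, not something the post specifies.

```shell
#!/bin/sh
# Added example: a Semgrep taint-mode rule plus a target file, so the
# source -> sanitizer -> sink tracking can be seen end to end.
# Rule id, file names and the chosen patterns are illustrative.
set -eu

write_taint_rule() {   # $1 = output path for the rule file
  cat > "$1" <<'EOF'
rules:
  - id: user-input-reaches-eval
    mode: taint
    languages: [python]
    severity: ERROR
    message: Untrusted input flows into eval()/exec()
    # where tainted data enters
    pattern-sources:
      - pattern: flask.request.args.get(...)
      - pattern: input(...)
    # calls that neutralise the taint: an int() result cannot carry code
    pattern-sanitizers:
      - pattern: int(...)
    # where tainted data must never arrive
    pattern-sinks:
      - pattern: eval(...)
      - pattern: exec(...)
EOF
}

write_target() {       # $1 = output path for the constructed target file
  cat > "$1" <<'EOF'
from flask import Flask, request

app = Flask(__name__)

@app.route("/calc")
def calc():
    expr = request.args.get("expr")      # source
    wrapped = "(" + expr + ")"           # taint propagates through concatenation
    return str(eval(wrapped))            # sink: this is the expected finding

@app.route("/double")
def double():
    n = int(request.args.get("n"))       # sanitizer: int() breaks the flow
    return str(eval("2 * " + str(n)))    # no finding expected here
EOF
}

run_scan() {           # $1 = rule file, $2 = target; JSON findings if semgrep is present
  if command -v semgrep >/dev/null 2>&1; then
    semgrep --config "$1" --json "$2"
  else
    echo "semgrep not installed; fixtures written to $(dirname "$1")" >&2
  fi
}

workdir=$(mktemp -d)
write_taint_rule "$workdir/taint-eval.yaml"
write_target "$workdir/app.py"
run_scan "$workdir/taint-eval.yaml" "$workdir/app.py"
```

Run it and only `calc()` is reported: the `double()` path goes through `int(...)`, which the rule declares as a sanitizer, so the value that reaches `eval` is no longer tainted. Dropping the sanitizer block from the rule makes the second route light up as well, which is a quick way to see what sanitizers buy you.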

2. Sysdig Falco

I really dig Sysdig Falco. Along the way I discovered that the sysdig CLI ships a chisel called spy_users (run as `sysdig -c spy_users`) that prints every command run by users in interactive shells on a given Linux machine, live or from a capture file read with `-r`. Pretty nifty if you want to monitor for potentially dangerous commands being invoked on the box; Falco rules then let you alert on the same kind of process activity without someone watching the stream.
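
The two halves of that workflow, as an added example that is not from the original post: a function that starts the spy_users chisel, and a Falco rules file that fires when a tool from a watch list is executed. The rule name, the list of tools and the output format are my illustrative choices; the `-V` flag is Falco's rule validation switch.

```shell
#!/bin/sh
# Added example: watch interactive user commands with the sysdig spy_users
# chisel, then express "dangerous command" as a standing Falco rule.
# Rule name, tool list and output line are illustrative choices.
set -eu

# Stream every command typed in interactive shells on this host
# (root is needed for the kernel driver). Not called below on purpose.
spy_users() {
  if command -v sysdig >/dev/null 2>&1; then
    sudo sysdig -c spy_users
  else
    echo "sysdig not installed" >&2
  fi
}

# Write a Falco rules file that fires on execution of a listed tool.
write_falco_rule() {   # $1 = output path
  cat > "$1" <<'EOF'
- list: suspicious_tools
  items: [nc, ncat, socat, nmap, tcpdump]

# the exit side of execve/execveat, i.e. a process image was loaded
- macro: process_exec
  condition: evt.type in (execve, execveat) and evt.dir=<

- rule: Suspicious Tool Launched
  desc: A network or recon tool from the suspicious_tools list was executed
  condition: process_exec and proc.name in (suspicious_tools)
  output: "Suspicious tool launched (user=%user.name command=%proc.cmdline parent=%proc.pname container=%container.name)"
  priority: WARNING
  tags: [process, recon]
EOF
}

# Validate the rules file with Falco when the binary is available.
check_falco_rule() {   # $1 = rules file
  if command -v falco >/dev/null 2>&1; then
    falco -V "$1"
  else
    echo "falco not installed; rules written to $1" >&2
  fi
}

rules=$(mktemp -d)/suspicious-tools.yaml
write_falco_rule "$rules"
check_falco_rule "$rules"
```

Load the file with `falco -r suspicious-tools.yaml` next to the default rules; the `parent=%proc.pname` field is what lets you tell an interactive `nc` typed by an operator from one spawned by a web server.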

3. KubeAudit

KubeAudit is one of my favorite tools to audit Kubernetes clusters and manifests. A useful feature is autofix: feed kubeaudit a vulnerable Kubernetes YAML manifest and it rewrites the insecure settings (missing securityContext fields, privilege escalation, root users, undropped capabilities and the like) into more secure configs. Review the diff before you apply it, though: settings such as a read-only root filesystem or a non-root user can break a workload that was relying on the old defaults.
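
The weak manifest beside a hardened one, as an added example that is not from the original post or the kubeaudit project: the first Deployment has no security context at all, the second sets the fields kubeaudit's auditors look for. The hardened file is written by hand here to show the target state, not copied from kubeaudit's literal autofix output; the Deployment name, image and resource numbers are illustrative.

```shell
#!/bin/sh
# Added example: a deliberately weak Deployment next to a hand-hardened copy
# covering privilege escalation, root user, capabilities, read-only root fs,
# service account token and resource limits. The hardened file is my own
# target state, not kubeaudit's literal output; name and image are illustrative.
set -eu

write_weak_manifest() {   # $1 = output path
  cat > "$1" <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 1
  selector:
    matchLabels: {app: web}
  template:
    metadata:
      labels: {app: web}
    spec:
      containers:
        - name: web
          image: example/web:latest
          ports:
            - containerPort: 8080
EOF
}

write_hardened_manifest() {   # $1 = output path
  cat > "$1" <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  name: web
spec:
  replicas: 1
  selector:
    matchLabels: {app: web}
  template:
    metadata:
      labels: {app: web}
    spec:
      automountServiceAccountToken: false   # pod never talks to the API server
      securityContext:
        runAsNonRoot: true
        runAsUser: 10001
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: web
          image: example/web:1.4.2            # pinned tag instead of :latest
          ports:
            - containerPort: 8080
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop: [ALL]
          resources:
            limits: {cpu: 500m, memory: 256Mi}
            requests: {cpu: 100m, memory: 128Mi}
EOF
}

# Audit the weak manifest, let kubeaudit rewrite it, audit the result.
# kubeaudit exits non-zero when it has findings, so those calls are tolerated.
audit_and_fix() {   # $1 = manifest, $2 = path for the auto-fixed copy
  if command -v kubeaudit >/dev/null 2>&1; then
    kubeaudit all -f "$1" || true
    kubeaudit autofix -f "$1" -o "$2"
    kubeaudit all -f "$2" || true
  else
    echo "kubeaudit not installed; manifests written next to $1" >&2
  fi
}

dir=$(mktemp -d)
write_weak_manifest "$dir/weak.yaml"
write_hardened_manifest "$dir/hardened.yaml"
audit_and_fix "$dir/weak.yaml" "$dir/autofixed.yaml"
```

Diff `autofixed.yaml` against `hardened.yaml` after running it: anything kubeaudit adds that is missing from your hand-written version is a check you were not thinking about, and anything it leaves alone (the image tag, for instance) still needs a human.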

4. Steampipe

One of my favorite AWS security tools is Steampipe. With the AWS Compliance mod installed, its check mode runs the mod's collection of CIS AWS Foundations Benchmark controls against the target AWS account, straight from the credentials already on your machine. It's super convenient!
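
The benchmark run in practice, as an added example that is not from the original post: install the AWS plugin, clone the compliance mod, run the CIS benchmark with a JSON export, and finish with an ad-hoc query against the same tables. Assumptions on my part: the benchmark id `benchmark.cis_v150` and its S3 sub-benchmark `benchmark.cis_v150_2_1` as named in the mod's current tree, and the checkout directory.

```shell
#!/bin/sh
# Added example: run the CIS AWS Foundations Benchmark from the Steampipe
# AWS Compliance mod against the current AWS credentials, export the results,
# and run one ad-hoc query. Benchmark ids and paths are assumptions on my part.
set -eu

# One-time setup: the aws plugin provides the aws_* tables, the mod the benchmarks.
install_mod() {   # $1 = directory for the mod checkout
  steampipe plugin install aws
  git clone --depth 1 https://github.com/turbot/steampipe-mod-aws-compliance.git "$1"
}

# Whole benchmark; --export keeps the full result tree for triage.
run_cis() {       # $1 = mod directory, $2 = export file (format from extension)
  cd "$1"
  steampipe check benchmark.cis_v150 --export "$2"
}

# Only section 2.1 (S3) when iterating on one area. Assumed sub-benchmark id.
run_cis_s3() {    # $1 = mod directory
  cd "$1"
  steampipe check benchmark.cis_v150_2_1
}

# Ad-hoc query over the same tables: buckets without a complete public access block.
public_bucket_query() {
  cat <<'EOF'
select name, region,
       block_public_acls, block_public_policy, ignore_public_acls, restrict_public_buckets
from aws_s3_bucket
where not (block_public_acls and block_public_policy
           and ignore_public_acls and restrict_public_buckets);
EOF
}

if command -v steampipe >/dev/null 2>&1; then
  moddir=$HOME/steampipe-mod-aws-compliance
  [ -d "$moddir" ] || install_mod "$moddir"
  run_cis "$moddir" "$moddir/cis_v150.json"
  steampipe query "$(public_bucket_query)"
else
  echo "steampipe not installed" >&2
fi
```

`steampipe check` must be run from inside the mod directory, which is why every function changes into it first; the exported JSON is the artefact worth keeping between runs so you can diff which controls moved from alarm to ok.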


Abhay Bhargav

Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA. He loves golf (don't get him started).