End-of-Year Special: Blow that Budget Sale! More seats, bigger savings.
Popular with:
Security Architect
Security Engineer

Underrated features in security tools

Updated:
September 15, 2022
Written by
Abhay Bhargav

Here are some incredible tools I have been using these last couple of months that I thought were dope!

  1. Semgrep

I love semgrep's taint mode. This is data flow analysis that can track the flow of untrusted code from a source and can track that across wherever that vulnerable data goes into a function. Example - User enters input that goes into an eval/equivalent function 

  1. Sysdig Falco

I really dig sysdig falco. I discovered that sysdig has a command called "spy_users" where sysdig maintains a log of all commands run by the user on a given linux machine. Pretty nifty if you want to monitor for potentially dangerous commands being invoked on the box.

  1. KubeAudit

KubeAudit is one of my favorite tools to audit kubernetes clusters. A useful feature in kubeaudit is the autofix feature, where you feed kubeaudit a vulnerable kubernetes yaml manifest and kubeaudit auto-fixes the vulnerable configs and converts them to more secure configs

  1. Steampipe

One of my favorite AWS security tools is steampipe. They have a nifty mode where you can their collection of CIS benchmarks to be run against the target AWS environment. It's super convenient!

Are you staying on the bleeding edge of all things AppSec? Sharpen your AppSec skills with Advanced Application Security courses here!

Source for article
Abhay Bhargav

Abhay Bhargav

Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA. He loves golf (don't get him started).

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X