Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp’s Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data.
“Since these are hardened languages with limited capabilities, they’re supposed to be more secure thanRead More

Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks [email protected] (The Hacker News)
by
Tags:
