Cybersecurity Blind Spots in IaC and PaC Tools Expose Cloud Platforms to New Attacks

Nov 25, 2024

Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp’s Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data.
“Since these are hardened languages with limited capabilities, they’re supposed to be more secure than

Get Free Report & Network Analysis

Please check your email for the free report.