Cybersecurity company, Palo Alto Networks unveils an open-source tool that automatically tags cloud resources within the infrastructure as code frameworks Terraform, AWS CloudFormation, and Serverless Framework YAML. The new tool, Yor, automates the manually tagging cloud resources. It aims to help security teams to trace misconfiguration from code to cloud.
Tracing security misconfigurations
Yor allows organizations to run the tool across all infrastructure resources to assign ownership and other tags based on IaC and git history data. It can also be built into the continuous integration and continuous delivery lifecycle for enhanced traceability. With its consistent tagging, Yor makes it easier to trace misconfigurations back to the original code owners and editors.
Yor was built by the Bridgecrew. It is the team behind the open-source IaC scanner, Checkov which has over 2 million downloads. The company was acquired by Palo Alto Networks in March of 2021. Barak Schoster, Chief Architect, Palo Alto Networks, said,
“Effective infrastructure tagging is critical to tracking cost allocation, access control, operations, and of course security in the cloud. To date, this has been an all-too-manual process for developers, with each cloud provider and organization having different standards and naming conventions. By automating standardized tagging, Yor provides visibility and traceability from IaC configuration to cloud resources in production.”