Latacora collects and analyzes data about services our clients use. You may have read about our approach to building security tooling, but the tl;dr is we make requests to all the (configuration metadata) read-only APIs available to us and store the …

Introduction Most “security tools” today are typically composed by code that consumes an API and applies predefined logic to identify issues. This is generally accomplished by: Fetching a subset of the endpoints exposed by the service / …