Protect Against Russia-Ukraine Cyber Activity
  • Sign In
    • Research
    • Partner
    • Customer
    • Employee
  • Create Account
  • EN
  • magnifying glass search icon to open search field
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
Palo Alto Networks logo
  • Network Security
  • Secure Access Service Edge
  • Cloud-Native Security
  • Security Operations
  • Threat Intel & Incident Response
  • More
  • Sign In
    Sign In
    • Research
    • Partner
    • Customer
    • Employee
  • Create Account
  • EN
    Language
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
  • Get Started

Announcing the New Open Source Project Yor, Dynamic and Automated Cloud Infrastructure Tagging

Palo Alto Networks Santa Clara, CA May 27, 2021 at 09:00 AM

SANTA CLARA, Calif., May 27, 2021 /PRNewswire/ -- Palo Alto Networks (NYSE: PANW), the global cybersecurity leader, today announced the release of Yor, an open-source tool that automatically tags cloud resources within infrastructure as code (IaC) frameworks Terraform, AWS CloudFormation, and Serverless Framework YAML. Yor automates the tedious work of manually tagging cloud resources, helps security teams trace security misconfigurations from code to cloud, and enables highly effective GitOps across all major cloud providers.

"Effective infrastructure tagging is critical to tracking cost allocation, access control, operations, and of course security in the cloud," said Barak Schoster, chief architect at Palo Alto Networks. "To date, this has been an all-too-manual process for developers, with each cloud provider and organization having different standards and naming conventions. By automating standardized tagging, Yor provides visibility and traceability from IaC configuration to cloud resources in production."

Organizations can run Yor across all infrastructure resources to retroactively assign ownership and other meaningful tags based on IaC and git history data. Yor can also be built into the continuous integration and continuous delivery (CI/CD) lifecycle for improved traceability as infrastructure is modified and created. Having consistent tagging will make it simple to trace any misconfigurations back to the original code owners and editors, reducing the time to patch.

The Cloud Security Alliance noted in its recent report The State of Cloud Security Concerns, Challenges, and Incidents that misconfigurations were among the leading causes of breaches and outages as public cloud adoption doubled over the past two years. If a security team identifies a misconfiguration, having the tags for the developer owner simplifies triaging, so the ticket can be automatically assigned to the right developer. Yor's use cases also extend beyond security by making it easier to tag resources to allocate costs from a finance and budgeting perspective.

"DevSecOps is about breaking down silos and improving productivity," said Ismail Yenigul,open-source contributor and DevSecOps expert. "Imagine there is a SEV0 security incident — the last thing you want to do is spend hours identifying what caused a misconfiguration or track down the developer who wrote or modified the infrastructure code that is managed in Terraform, CloudFormation, or Serverless. Yor makes it possible to get answers to those questions immediately, for much more effective collaboration and faster mean time to resolution of incidents."

Yor was built by Bridgecrew, the team behind the popular open-source IaC scanner Checkov which has been downloaded over 2 million times by developers. Bridgecrew was acquired by Palo Alto Networks in March 2021 and together they continue to invest in new and existing open source projects.

About Yor

Yor is an open-source tool that automatically and consistently tags resources across infrastructure as code (IaC) frameworks (e.g., Terraform, CloudFormation, Kubernetes, and Serverless Framework). Yor enables version-controlled owner assignment and resource tracing-based git history. It also extends tag enforcement logic by loading external tagging logic into your CI/CD pipeline. For more information, visit www.yor.io.

About Palo Alto Networks

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest security challenges with continuous innovation that seizes the latest breakthroughs in artificial intelligence, analytics, automation, and orchestration. By delivering an integrated platform and empowering a growing ecosystem of partners, we are at the forefront of protecting tens of thousands of organizations across clouds, networks, and mobile devices. Our vision is a world where each day is safer and more secure than the one before. For more information, visit www.paloaltonetworks.com.

Palo Alto Networks, Prisma, and the Palo Alto Networks logo are trademarks of Palo Alto Networks, Inc. in the United States and in jurisdictions throughout the world. All other trademarks, trade names, or service marks used or mentioned herein belong to their respective owners.

Palo Alto Networks logo (PRNewsFoto/Palo Alto Networks, Inc.) (PRNewsfoto/Palo Alto Networks, Inc.)

 

SOURCE Palo Alto Networks, Inc.

Article

What is a denial of service attack (DoS) ?

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users.
April 4, 2022

Article

What is a Zero Trust Architecture

Zero Trust has become one of cybersecurity’s most used buzzwords. It’s imperative to understand what Zero Trust is, as well as what Zero Trust isn’t.
May 17, 2022

White Paper

Architecting The Zero Trust Enterprise

Understand how to become a Zero Trust Enterprise
November 23, 2021

Datasheet

PA-400 Series

Palo Alto Networks PA-400 series ML-Powered NGFW (PA-460, PA-450, PA-440) brings Next Generation Firewall capabilities to distributed enterprise branch offices, retail locations, and midsize businesses.
March 23, 2022

Article

What Is SASE?

Secure access service edge, or SASE (pronounced “sassy”), is an emerging cybersecurity concept. It is the convergence of wide area networking.
April 13, 2022

Datasheet

PA-3200 Series Datasheet

The PA-3200 Series secures all traffic, including encrypted traffic, using dedicated processing and memory for networking, security, threat prevention and management.
March 23, 2022

Get the latest news, invites to events and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

black youtube icon black twitter icon black facebook icon black linkedin icon
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Tech Insider
  • Cyberpedia
  • Event Center
  • Investors
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Customers
  • Newsroom
  • Careers
  • Contact Us
  • Product Certifications
  • Manage Email Preferences
Report a Vulnerability
Create an account or login

Copyright © 2022 Palo Alto Networks. All rights reserved