Tagged "security"

This post explores how custom AutoPkg processors are potentially vulnerable when used as pre/post-processors. While one of AutoPkg’s main advantages is its secure by default design, there is a gap when dealing with custom processors used as command line arguments.

Today I’m introducing VirusTotalReporter, an AutoPkg processor designed to return file report information from VirusTotal. Heavily inspired by the well loved and widely used VirusTotalAnalyzer by Hannes Juutilainen, VirusTotalReporter’s goal is to provide as much detection data as possible to make informed decisions within AutoPkg recipes and workflows.