The Update Framework (TUF) Security Assessment

NCC Group consultants Mason Hemmel and Jeff Dileo recently completed a one-week audit of the Kolide TUF client. The audit took place between August 28, 2017 and September 1, 2017.

TUF, an acronym for The Update Framework, is a set-and-forget library for securing software updates. It combines a preponderance of current academic work on the subject into one specification which can be applied to any update use case.

Kolide’s implementation of the framework leverages Docker Notary as a trusted update store from which it can update instances of osquery.These three projects are intended to be used in tandem to form a self-updating system for OS-level monitoring and analytics.

For further reading, see our revelant public reports on osquery and Docker Notary.

Download the Public Report

Call us before you need us.

Our experts will help you.

Get in touch
%d bloggers like this: