The Update Framework (TUF) Security Assessment

NCC Group consultants Mason Hemmel and Jeff Dileo recently completed a one-week audit of the Kolide TUF client. The audit took place between August 28, 2017 and September 1, 2017.

TUF, an acronym for The Update Framework, is a set-and-forget library for securing software updates. It combines a preponderance of current academic work on the subject into one specification which can be applied to any update use case.

Kolide's implementation of the framework leverages Docker Notary as a trusted update store from which it can update instances of osquery.These three projects are intended to be used in tandem to form a self-updating system for OS-level monitoring and analytics.

For further reading, see our revelant public reports on osquery and Docker Notary.

Download the Public Report

Published date:  18 October 2017

Filter By Service

Filter By Type