Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Tired of managing hundreds or thousands of configurations as your microservice footprint scales? Tired of config files, environment variables, poorly managed secrets, and constantly crashing containers due to configuration mismanagement? There’s a better way. Figgy!
Cultivate configuration clarity with Figgy. Open-source, cloud-native, configuration & secret management in AWS.
Learn everything you need to know about Figgy by checking out the website:
Join our Slack community:
Figgy is a free and opensource serverless application config framework designed to bring simplicity, security, and resilience to
application config management. Figgy is built on top of AWS ParameterStore and leverages native AWS constructs such as AWS IAM,
KMS, among other services to ensure a simple and elegant integration with your AWS environment.
Never roll another application to production having forgotten to set that last pesky config in production.
Figgy makes it possible to bind your code directly to configurations. Easily break builds if configs are missing and application deployments are destined to fail.
Control user access like a champ
Figgy makes it easy to set up and control access to across all of your AWS environments and configuration namespaces. Consider your role types and use cases, map them up in a simple config file, and let Figgy do the rest. Audit all user activity and changes over time, and roll back any config or group of configurations to any point-in-time -- to the second!
Integrate with your SSO provider, abandon long-lived AWS Keys for good
Figgy supports SAML based SSO integrations with multi-factor authentication. Simplify AWS access control with Figgy!
Feature rich CLI to speed-up your development workflow.
Figgy will help you:
As your cloud footprint grows, so do the configurations you need to manage your applications. Figgy is a framework for simple, secure, and resilient config management in AWS. The best part? No new servers to deploy, upgrade, and patch. No complex software to learn. Follow Figgy’s laid-out path for config management. It’s AWS native, compatible with all AWS services, and follows AWS best practices. Let Figgy help you get it right from the start.
Figgy provides a suite of utilities that link your code to your configs. Detect and remedy misconfigurations before deployment rather than scrambling after the alarm bells are going off.
Figgy establishes a framework for teams of secret owners to securely track, manage, and rotate their secrets in their team’s secure space. From that space they can share secrets directly with the applications that need them -- without going through a middle-man. No more LastPass, one-time urls, secrets sent over Slack, email, encrypted files, or any of those annoying secret management hoops. In a few weeks, when your coworker "Bill" finds new employment, don’t ask yourself, "What secrets passed through Bill that we need to rotate now?"
Figgy makes it easy to give both users and applications the exact amount of access they need and nothing more, and provides a framework for scalably maintaining and enforcing least privilege. By following Figgy best practices you can easily maintain appropriate access for users and services while keeping your IAM policies short and sweet.
Figgy maintains a history of every event that has ever occurred in your configuration store since the day you installed Figgy. Know what happened, where, when, and by who. Then, roll back any configuration, or hierarchy of configurations, to any point-in-time in the past, to the second.
Want to dip your toes in and test out the waters? Try out our free Sandbox
FAQs
Tired of managing hundreds or thousands of configurations as your microservice footprint scales? Tired of config files, environment variables, poorly managed secrets, and constantly crashing containers due to configuration mismanagement? There’s a better way. Figgy!
We found that figgy-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.