Tooling on Latacora

Introducing Replik8s, a Modern Security Tool for Kubernetes

Mon, 22 Sep 2025 12:00:00 -0400

Introduction

Security tools are often designed to highlight specific issues by consuming APIs and applying predefined logic. Each tool implements its own data structures, storage formats, and evaluation logic. While effective in narrow contexts, this approach creates challenges for teams managing a diverse toolset. Moreover, most tools are optimized to fetch only the data needed for specific findings, limiting their utility in broader contexts such as incident response or historical analysis.

Bit by bit: how Latacora helped Notion build security that scales

Fri, 29 Aug 2025 11:55:00 -0500

Security rarely tops the priority list for startups - but that doesn’t make it optional.

Running a startup is no small feat. Facing enormous pressure to address a never-ending list of priorities (finding market fit, fundraising, launching new features, scaling infrastructure, etc.) security often becomes a “later” issue……until it can’t be. Even when companies know they need help, the breadth of the problem can be intimidating. Application security, cloud infrastructure, third-party vendors, compliance, cryptography: any resource-constrained startup will be hard-pressed to find a unicorn hire who can own all these responsibilities equally well.

Datomic and Content Addressable Techniques: An Ultimate Data Wonderland

Fri, 13 Sep 2024 12:00:00 -0500

Latacora collects and analyzes data about services our clients use. You may have read about our approach to building security tooling, but the tl;dr is we make requests to all the (configuration metadata) read-only APIs available to us and store the results in S3. We leverage the data to understand our clients' infrastructure and identify security issues and misconfigurations. We retain the files (“snapshots”) to support future IR/forensics efforts.

This approach has served us well, but the limited scope of a snapshot meant there was always a problem of first needing to figure out which files to look at. We love aws s3 sync and grep as much as anyone but security analysis requires looking for complex relationships between resources; text search is, at best, only a Bloom filter. What we really wanted was a performant way to ask any question across all the data we have for a client that would support complex queries using logic programming.

Our Approach to Building Security Tooling

Wed, 01 Nov 2023 12:00:00 -0400

Introduction

Most “security tools” today are typically composed by code that consumes an API and applies predefined logic to identify issues. This is generally accomplished by:

Fetching a subset of the endpoints exposed by the service / API being audited (that is, the information required for the evaluation logic, such as a list of the EC2 instances deployed in an AWS account, as well as their configuration)
Storing the data retrieved
Evaluating this data to produce “findings” (this is the added value provided by the tool)

Integrating third party tools into our monitoring platform isn’t always straightforward, as each tool:

Tooling on Latacora

Introducing Replik8s, a Modern Security Tool for Kubernetes

Introduction #

Bit by bit: how Latacora helped Notion build security that scales

Datomic and Content Addressable Techniques: An Ultimate Data Wonderland

Our Approach to Building Security Tooling

Introduction #

Introduction

Introduction