Chaser Systems

v2.30 of DiscrimiNAT Firewall for egress filtering is now Generally Available. Key improvements include support for Post-Quantum Cryptography #PQC TLS handshake. AWS release notes: chasersystems.com/docs/discrimin… GCP release notes: chasersystems.com/docs/discrimin…

Sponsoring the local #Rust meetup in #Cambridge is way we bring the community together a few times a year. Follow the event page at meetup.com/cambridge-rust… and @CambridgeRust here. Rust has played a critical role in the cloud security solutions we ship in terms of speed, stability & safety.

Learn about CoverDrop's use of #Rust in #Cambridge on 12th Nov by Daniel Hugenroth. Pizzas on us!

Our latest blog post 'What data do coding agents send, and where to?' featured by @lancinimarco!

What data do coding agents send, and where to? Our report seeks to answer some of our questions for the most popular coding agents. Incidentally, a side-effect was running into OWASP System Prompt Leakage. You can see the system prompts in the appendix. chasersystems.com/blog/what-data…

Looking at us-east-1 this morning like... 👀 We're giving away 1,000 of our "It's always DNS" stickers and sticky-notes to decorate your laptops and monitors! Just fill in the linked form below and we'll get it mailed directly to you, wherever you are in the world. You can even grab some for the rest of your team! forms.office.com/e/14jHFdU9Kv #aws #itsalwaysdns

Azure default outbound access connectivity change postponed from 30 Sep '25 to 31 Mar '26. azure.microsoft.com/en-us/updates?…

v2.20 of DiscrimiNAT Firewall now available on GCP 🎉 chasersystems.com/docs/discrimin…

v2.20 of DiscrimiNAT Firewall just released on AWS 🎉 chasersystems.com/docs/discrimin…

Another short-lived credential leak causes widespread data theft. Here at @ChaserSystems we're researching & prototyping practical second-factor methods for service account style usage. cloud.google.com/blog/topics/th…

Welcome to the team Lucas Pye! Lucas is joining us as an intern researching what telemetry is gathered from developer machines by various popular agentic coding tools. When he's not intercepting #egress traffic you can find him climbing! (screenshot of MitMed Cursor)

We're back at @fwdcloudsec again today, drop by our booth and try our mini-CTF to win a #YubiKey. Only 4 left, so be sure to come by early!

We're demoing DiscrimiNAT Firewall at the venue this year. See you in Denver!

TLS ECH (formerly ESNI) is an emerging threat in traffic observability. Learn about what it is, its background and original purpose, and how to disable it in controlled environments - especially Chrome and headless Chrome in the linked solution article: chasersystems.com/blog/disabling…

Our founder @new23d's talk accepted for @fwdcloudsec at Denver in June on AWS IAM Roles Anywhere with ACME-enabled PKI certs distribution (using Let's Encrypt Staging) Videos will be available on YouTube later and we'll post an update when they are.

We make it easier for you to enable an outbound network traffic firewall in full allowlist enforcement mode -- with discovery, dry run and micro-segmentation. Available on AWS and GCP. Search for DiscrimiNAT Firewall in your cloud web console. #egress #filtering

Wildcards are now GA from us for network egress on GCP. Took time to develop since we didn't want the solution to be trivially bypassable with SNI Spoofing [1] or cause interruptions to your traffic intermittently with false positives (as is the case with known issue FWAAS-1501 of Palo Alto [2]). The mechanism under the hood is truly patent worthy! The integration with GCP has always been such that it mimics a built-in feature with use of Network Tags, Firewall Rules and Logs Explorer 😎. It is stateless, CIS-hardened, upgrades seamlessly, and you can see the full comparison [3] for more info on multi-protocol support, low TTL DNS handling, etc. It also has a non-blocking monitoring mode to discover what you need to allow, and a dry-run mode to test rules before enforcement. Search for DiscrimiNAT Firewall in GCP Console to get started or for links to our Terraform modules and website for docs, etc. Any questions, just drop an email to devsecops at chasersystems dot com. We love to answer tricky questions and demo how our firewall checks more than just the hostname in client-settable headers! Safe egressing 🤞 [1a] repost.aws/questions/QUGi… [1b] x.com/nullenc0de/sta… [2] docs.paloaltonetworks.com/cloud-ngfw-aws… [3] chasersystems.com/discriminat/co…