Security on Catalyst9 Engineering

Security on Catalyst9 Engineeringhttps://blog.catalyst9.ai/tags/security/Recent content in Security on Catalyst9 EngineeringHugoen-usThu, 11 Jun 2026 00:00:00 -0600I had 47 places I stored secrets. Then I built this.https://blog.catalyst9.ai/posts/part-1-scattered-secrets/Tue, 21 Apr 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-1-scattered-secrets/A few weeks ago I went hunting for an API key. I found my secrets in 47 places. Here’s what I built to fix that.Your .env files are a liability — even when they never leave your machinehttps://blog.catalyst9.ai/posts/part-2-env-files-liability/Wed, 22 Apr 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-2-env-files-liability/Your .env never touched git. The password leaked anyway. Nine separate places, depending on which tools you used that afternoon. Here’s the better model.AI coding agents make the secrets problem worse. Here's the fix.https://blog.catalyst9.ai/posts/part-4-ai-agents/Mon, 27 Apr 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-4-ai-agents/When your AI coding agent runs, it should see the Anthropic key and the project context — not your production database password. Unless you explicitly said so.When a credential leaks, you know everything in 30 secondshttps://blog.catalyst9.ai/posts/part-6-forensics/Fri, 01 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-6-forensics/GitHub emails you at 2am about a leaked token. Old world: rotate everything, file a ticket, investigation takes a week. New world: one command, 30 seconds, ticket closed.The airport-recovery demo: losing your laptop and recovering in two minuteshttps://blog.catalyst9.ai/posts/part-9-airport-recovery/Thu, 21 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-9-airport-recovery/Lose the laptop at the gate, buy a new one, be back in your secrets in under two minutes. Here is what that actually looks like.Multi-principal zero-trust identity: humans, devices, workloads, and agentshttps://blog.catalyst9.ai/posts/part-10-multi-principal-identity/Thu, 21 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-10-multi-principal-identity/Classic identity models handle one principal type at a time. Real systems have four interacting simultaneously — and most auth stacks are not built for that.What shipping a WebAuthn flow actually looks likehttps://blog.catalyst9.ai/posts/part-11-shipping-webauthn/Thu, 21 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-11-shipping-webauthn/Phase 1 piece #4 and Phase 1b-C were both marked complete based on unit tests. Then I drove a real browser ceremony and five bugs cascaded out at once.Stacking policy: defaults + fine-grained overrides for high-value secretshttps://blog.catalyst9.ai/posts/part-13-policy-stacking/Thu, 11 Jun 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/part-13-policy-stacking/We built a real ABAC policy engine on top of the identity and step-up work. You can now express ’everything under LLM/* needs a human in the loop’ as a default, while stacking a more specific rule that says only principals with an openai_admin label can write or delete under LLMS/OPENAI. The client (kpm) consumes the policy signals so get forces step-up, env/run warns about high-value paths, and strict mode makes every decrypt a fresh policy-checked round-trip.The GitHub VS Code Extension Breach, in Threat-Model Termshttps://blog.catalyst9.ai/posts/2026-05-20-github-vscode-extension-breach/Wed, 20 May 2026 00:00:00 -0600https://blog.catalyst9.ai/posts/2026-05-20-github-vscode-extension-breach/GitHub’s internal repos got exfiltrated through a poisoned VS Code extension. Here’s the threat model that actually matters — and what credential-storage architecture can and can’t do about it.