Policy types
listen.dev allows for policy enforcement on network behavior.
Modes
There are 3 modes available:
Observe
Alert
Action
Targets
Policy sets can be applied to targets including:
Network behavior: monitors network activity and allows for egress control through an allowlist
Dependency context: enables alerts for various types of heuristics mapping to common supply chain attacks, e.g. an unexpected outbound DNS connection or package source code accessing environment variables
Detection rules: these are common attack vectors (known bads) such as spawning a reverse shell (RCE), binary overwrite (tampering), reading the .ssh directory (sensitive data exfiltration), etc.
Policy suites:
Secure by default
Custom policy (coming soon)