Pete Markowsky's Avatar

Pete Markowsky

@plm.bsky.social

Cofounder & CEO @northpolesec.bsky.social Prev: @google working on Security Agents including Santa. Cofounder and Chief Architect @capsule8 (tweets are my own.) Personal Blog: https://blog.markowsky.us Company Website: https://northpole.security

195 Followers  |  193 Following  |  70 Posts  |  Joined: 22.06.2023  |  1.8459

Latest posts by plm.bsky.social on Bluesky

Post image

m.media-amazon.com/images/I/71m...

03.08.2025 20:58 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Headed to hacker summer camp looking first to seeing people and sharing @northpolesec.bsky.social’s Workshop with people.

03.08.2025 14:42 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Tbh I did it because it seems to get the word out to folks who’ve split from Twitter, to Bluesky and mastodon.

LinkedIn seems to be one of the few common spots.

Also I’m stuck on the plane.

03.08.2025 14:40 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

In case you see me. Yes this is why I look so exhausted. πŸ˜‚

31.07.2025 16:04 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

It's not just one release, it's two!

31.07.2025 16:04 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

It's been an 11 month journey to build Workshop, the integrated backend Santa always deserved

Lots of things we'd always wanted at Google are now real

The MVP's already powerful & we're just getting started

Thank you to Zane & the team at A16Z, Royal Hansen and the team @northpolesec.bsky.social

30.07.2025 14:48 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Santa FAA rule to prevent spotlight plugins from being registered Santa FAA rule to prevent spotlight plugins from being registered - sploitlight.md

I made this gist gist.github.com/pmarkowsky/9... to show how @northpolesec.bsky.social Santa FAA rules lockdown the Spotlight importers used in Sploitlight microsoft.com/en-us/securi... &
@theevilbit.bsky.social's persistence trick.

I also added an example rule for blocking access to the DBs.

29.07.2025 16:21 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Going to be attending @bsideslv.org and around. Summer camp.

If you’re around say hello.

24.07.2025 12:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

This was a big release. Getting CEL in opens up so many possibilities and like all good things it's a take what you need.

Really looking forward to seeing what people do with this.

08.07.2025 13:36 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Lots of great features in 2025.5.

Santa is now easier to use without having to drop to the command line.

Be sure to check out the videos in the 🧡

29.05.2025 13:13 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

It’s something that feels like the sci-fi future media promised us as kids

14.05.2025 10:07 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Yikes. Got any other FRs? Asking for a friend…

11.05.2025 19:43 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Have to admit it's exciting to see years of work coming together.

08.05.2025 14:05 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Modern macOS Red Teaming Tactics | SO-CON 2025
YouTube video by SpecterOps Modern macOS Red Teaming Tactics | SO-CON 2025

Very exciting to see Santa called out as a tool that works in the
@specterops.io SO-Con talk on Modern macOS Red Teaming Tactics by Lance Cain and @werdhaihai.bsky.social

www.youtube.com/watch?v=t_L2...

08.05.2025 13:41 β€” πŸ‘ 2    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

I hear it’s straight fireπŸ”₯… I’ll see myself out.

06.05.2025 23:13 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release v2025.4 Β· northpolesec/santa Notes If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade. Santa documentation can be found at northpole.dev. Announcements πŸ“£ Opt-In Stats Collection...

πŸ“’ Last week we released Santa v2025.4 github.com/northpolesec...

Along with some big changes 🧡

05.05.2025 17:52 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

I keep saying these advances are more like electric power tools than fully autonomous. Still means massive productivity gains and chat is now a first class interface in a way it wasn’t feasible previously

23.04.2025 14:00 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

I’m still kinda angry about the whole matter tbh

16.04.2025 13:41 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
a man in a suit and tie stands in front of a sign that says the work is mysterious ALT: a man in a suit and tie stands in front of a sign that says the work is mysterious

Also re:0-day

09.04.2025 11:58 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

I mean I get the fascination it’s pure tech and a narrative that’s often a combo of how clever someone is versus the defenses in place.

On the other hand brute forcing passwords, out of date applications and simple malware are still problems for people. So I’m with you.

09.04.2025 11:57 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Arm me with harmony

02.04.2025 00:47 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release v2025.3 Β· northpolesec/santa Notes If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade. Santa documentation can be found at northpole.dev. Announcements πŸ“£ Opt-In Stats Collection...

Today we released Santa v2025.3 on GitHub github.com/northpolesec....

This release includes a handful of new features.

01.04.2025 18:37 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Preview
GitHub - pmarkowsky/santa-mcp: A PoC MCP Server for Santa A PoC MCP Server for Santa. Contribute to pmarkowsky/santa-mcp development by creating an account on GitHub.

In order to learn MCP I wrote a quick server on top of
@northpolesec.bsky.social's Santa github.com/pmarkowsky/s... it provides readonly functionality and debugging.

31.03.2025 17:50 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Oh?

29.03.2025 23:34 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
America Online Exploits Bug In Own Software

Good thing it has that builtin stack overflow www.geoffchappell.com/notes/securi...

26.03.2025 00:16 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Got sent this from a friend and admittedly I'm still chuckling.

26.03.2025 00:15 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Snippet of the CISA guide recommending that you use Santa to stop living off the land attacks on macOS

Snippet of the CISA guide recommending that you use Santa to stop living off the land attacks on macOS

We agree with CISA and think you should use Santa too

www.cisa.gov/sites/defaul...

05.03.2025 14:43 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Today in adventures in open source. We've had one user make a PR to update docs πŸŽ‰

And on a call a user said thank you for what you folks are doing in the community.

Not gonna lie this is pretty great to be on the receiving end of this.

03.03.2025 21:11 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Release v2025.2 Β· northpolesec/santa Notes If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade. Santa documentation can be found at northpole.dev. Announcements πŸ“£ Opt-In Stats Collection...

πŸ“£ We’ve just released Santa v2025.2 on GitHub. github.com/northpolesec...

Some highlights include:

- Process-centric File Access Authorization rules are now in Beta!

This means FAA rules can now target all access from a given process without knowing the files that will be accessed ahead of time.

28.02.2025 02:44 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

Shmoo was an amazing con. Sad to have missed the final as I went to the first one and it was the first con I ever spoke at

29.01.2025 00:20 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

@plm is following 19 prominent accounts