Pete Markowsky
@plm.bsky.social
Cofounder & CEO @northpolesec.bsky.social
Prev: @google working on Security Agents including Santa. Cofounder and Chief Architect @capsule8 (tweets are my own.)
Personal Blog: https://blog.markowsky.us
Company Website: https://northpole.security
Prev: @google working on Security Agents including Santa. Cofounder and Chief Architect @capsule8 (tweets are my own.)
Personal Blog: https://blog.markowsky.us
Company Website: https://northpole.security
One thing I like about our system is that it's easy to make these kinda trip wires where you can lock these things down. But quickly make an exception if you need to allow something and then dial it back off.
Day 8 of our FAAdvent Calendar: Hide your macOS password hashes!
A one-liner command can expose the hash and salt, but Workshop & Santa's file access rules & CEL rules can protect these crown jewel files.
northpole.security/blog/2025-ad...
A one-liner command can expose the hash and salt, but Workshop & Santa's file access rules & CEL rules can protect these crown jewel files.
northpole.security/blog/2025-ad...
December 8, 2025 at 3:22 PM
One thing I like about our system is that it's easy to make these kinda trip wires where you can lock these things down. But quickly make an exception if you need to allow something and then dial it back off.
This is another simple but powerful control. You almost never need to disable Gatekeeper. And if you do you should be able to handle that on a case by case basis.
Day 7 of our FAAdvent Calendar : Prevent macOS Gatekeeper from being disabled on your fleet by creating a Santa CEL rule!
northpole.security/blog/2025-ad...
northpole.security/blog/2025-ad...
December 7, 2025 at 2:25 PM
This is another simple but powerful control. You almost never need to disable Gatekeeper. And if you do you should be able to handle that on a case by case basis.
Stopping things like infostealers by locking down the cookie jar to just the signed browser processes is a simple but powerful control
While Chrome is working on Device Bound Session Credentials (DBSC). You can deploy this today.
Also if you use another browser like Firefox, it'll still work.
While Chrome is working on Device Bound Session Credentials (DBSC). You can deploy this today.
Also if you use another browser like Firefox, it'll still work.
Day 6 of our FAAdvent Calendar: Protect your browser cookies from infostealers with Santa's File Access Rules—limit access so only the browser can read its own cookies!
northpole.security/blog/2025-ad...
northpole.security/blog/2025-ad...
December 6, 2025 at 2:05 PM
Stopping things like infostealers by locking down the cookie jar to just the signed browser processes is a simple but powerful control
While Chrome is working on Device Bound Session Credentials (DBSC). You can deploy this today.
Also if you use another browser like Firefox, it'll still work.
While Chrome is working on Device Bound Session Credentials (DBSC). You can deploy this today.
Also if you use another browser like Firefox, it'll still work.
This is a great feature that I'm using daily.
Honestly feels like we found a solid way to close the monitor mode is always on for devs gap.
Super proud of the team @northpolesec.bsky.social for landing this
Honestly feels like we found a solid way to close the monitor mode is always on for devs gap.
Super proud of the team @northpolesec.bsky.social for landing this
'Tis the season for new features. 🎁
Introducing On-Demand Monitor Mode in Workshop & Santa—monitor mode access only when you need it, only when you prove you're at the keyboard.
Check out the Loom ⬇️
www.loom.com/share/0c09ed...
Introducing On-Demand Monitor Mode in Workshop & Santa—monitor mode access only when you need it, only when you prove you're at the keyboard.
Check out the Loom ⬇️
www.loom.com/share/0c09ed...
Introducing On-Demand Monitor Mode in Santa and Workshop 🚀🎅
In this video, I introduced a new feature called on-demand monitor mode that will be available in the next versions of Santa and Workshop. This feature allows users to temporarily switch from lockdown...
www.loom.com
December 1, 2025 at 12:47 PM
This is a great feature that I'm using daily.
Honestly feels like we found a solid way to close the monitor mode is always on for devs gap.
Super proud of the team @northpolesec.bsky.social for landing this
Honestly feels like we found a solid way to close the monitor mode is always on for devs gap.
Super proud of the team @northpolesec.bsky.social for landing this
Reposted by Pete Markowsky
Join us in celebrating North Pole Security's first anniversary! 🎉
Reflect on a year of innovation, growth, & unwavering commitment to livable security with Santa and Workshop. Read about our journey and what's next! #FirstAnniversary #Santa #Workshop
northpole.security/blog/one-yea...
Reflect on a year of innovation, growth, & unwavering commitment to livable security with Santa and Workshop. Read about our journey and what's next! #FirstAnniversary #Santa #Workshop
northpole.security/blog/one-yea...
October 9, 2025 at 5:45 PM
Join us in celebrating North Pole Security's first anniversary! 🎉
Reflect on a year of innovation, growth, & unwavering commitment to livable security with Santa and Workshop. Read about our journey and what's next! #FirstAnniversary #Santa #Workshop
northpole.security/blog/one-yea...
Reflect on a year of innovation, growth, & unwavering commitment to livable security with Santa and Workshop. Read about our journey and what's next! #FirstAnniversary #Santa #Workshop
northpole.security/blog/one-yea...
Headed to hacker summer camp looking first to seeing people and sharing @northpolesec.bsky.social’s Workshop with people.
August 3, 2025 at 2:42 PM
Headed to hacker summer camp looking first to seeing people and sharing @northpolesec.bsky.social’s Workshop with people.
It's not just one release, it's two!
Keeping with our Christmas in July🎄, we just released Santa 2025.7 on GitHub github.com/northpolesec...
This release includes:
- A new icon that matches the company's branding
- Ready for Tahoe!
- Bug fixes and more
This release includes:
- A new icon that matches the company's branding
- Ready for Tahoe!
- Bug fixes and more
Release v2025.7 · northpolesec/santa
Notes
Announcements
🎉 Santa has a new Workshop! North Pole Security is excited to announce the release of Workshop, an official sync service specifically designed to deeply integrate with Santa. It...
github.com
July 31, 2025 at 4:04 PM
It's not just one release, it's two!
It's been an 11 month journey to build Workshop, the integrated backend Santa always deserved
Lots of things we'd always wanted at Google are now real
The MVP's already powerful & we're just getting started
Thank you to Zane & the team at A16Z, Royal Hansen and the team @northpolesec.bsky.social
Lots of things we'd always wanted at Google are now real
The MVP's already powerful & we're just getting started
Thank you to Zane & the team at A16Z, Royal Hansen and the team @northpolesec.bsky.social
🎉 It's Christmas in July!
We raised $4M to make proactive macOS security scalable for everyone.
Workshop is the first commercial platform built for Santa. Finally making allowlisting usable at scale.
Thanks to A16Z & everyone's who's believed in our mission.
We raised $4M to make proactive macOS security scalable for everyone.
Workshop is the first commercial platform built for Santa. Finally making allowlisting usable at scale.
Thanks to A16Z & everyone's who's believed in our mission.
July 30, 2025 at 2:48 PM
It's been an 11 month journey to build Workshop, the integrated backend Santa always deserved
Lots of things we'd always wanted at Google are now real
The MVP's already powerful & we're just getting started
Thank you to Zane & the team at A16Z, Royal Hansen and the team @northpolesec.bsky.social
Lots of things we'd always wanted at Google are now real
The MVP's already powerful & we're just getting started
Thank you to Zane & the team at A16Z, Royal Hansen and the team @northpolesec.bsky.social
I made this gist gist.github.com/pmarkowsky/9... to show how @northpolesec.bsky.social Santa FAA rules lockdown the Spotlight importers used in Sploitlight microsoft.com/en-us/securi... &
@theevilbit.bsky.social's persistence trick.
I also added an example rule for blocking access to the DBs.
@theevilbit.bsky.social's persistence trick.
I also added an example rule for blocking access to the DBs.
Santa FAA rule to prevent spotlight plugins from being registered
Santa FAA rule to prevent spotlight plugins from being registered - sploitlight.md
gist.github.com
July 29, 2025 at 4:21 PM
I made this gist gist.github.com/pmarkowsky/9... to show how @northpolesec.bsky.social Santa FAA rules lockdown the Spotlight importers used in Sploitlight microsoft.com/en-us/securi... &
@theevilbit.bsky.social's persistence trick.
I also added an example rule for blocking access to the DBs.
@theevilbit.bsky.social's persistence trick.
I also added an example rule for blocking access to the DBs.
July 24, 2025 at 12:14 PM
This was a big release. Getting CEL in opens up so many possibilities and like all good things it's a take what you need.
Really looking forward to seeing what people do with this.
Really looking forward to seeing what people do with this.
📢 Earlier this month we released Santa 2025.6
github.com/northpolesec...
🧵 This is a large release with several features
github.com/northpolesec...
🧵 This is a large release with several features
Release v2025.6 · northpolesec/santa
Notes
ImportantThe binaries initially uploaded for this release only contained the arm64 slice. We have updated the binaries to be universal and also include the x86_64 slice as well. You may need ...
github.com
July 8, 2025 at 1:36 PM
This was a big release. Getting CEL in opens up so many possibilities and like all good things it's a take what you need.
Really looking forward to seeing what people do with this.
Really looking forward to seeing what people do with this.
Lots of great features in 2025.5.
Santa is now easier to use without having to drop to the command line.
Be sure to check out the videos in the 🧵
Santa is now easier to use without having to drop to the command line.
Be sure to check out the videos in the 🧵
📢 We've just released Santa v2025.5 on GitHub github.com/northpolesec...
This release includes a handful of new features and changes:
Some highlights Below 🧵:
This release includes a handful of new features and changes:
Some highlights Below 🧵:
Release v2025.5 · northpolesec/santa
Notes
If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.
Santa documentation has undergone a complete overhaul and can be found at northpole.dev.
A...
github.com
May 29, 2025 at 1:13 PM
Lots of great features in 2025.5.
Santa is now easier to use without having to drop to the command line.
Be sure to check out the videos in the 🧵
Santa is now easier to use without having to drop to the command line.
Be sure to check out the videos in the 🧵
Have to admit it's exciting to see years of work coming together.
May 8, 2025 at 2:05 PM
Have to admit it's exciting to see years of work coming together.
Reposted by Pete Markowsky
Very exciting to see Santa called out as a tool that works in the
@specterops.io SO-Con talk on Modern macOS Red Teaming Tactics by Lance Cain and @werdhaihai.bsky.social
www.youtube.com/watch?v=t_L2...
@specterops.io SO-Con talk on Modern macOS Red Teaming Tactics by Lance Cain and @werdhaihai.bsky.social
www.youtube.com/watch?v=t_L2...
Modern macOS Red Teaming Tactics | SO-CON 2025
YouTube video by SpecterOps
www.youtube.com
May 8, 2025 at 1:41 PM
Very exciting to see Santa called out as a tool that works in the
@specterops.io SO-Con talk on Modern macOS Red Teaming Tactics by Lance Cain and @werdhaihai.bsky.social
www.youtube.com/watch?v=t_L2...
@specterops.io SO-Con talk on Modern macOS Red Teaming Tactics by Lance Cain and @werdhaihai.bsky.social
www.youtube.com/watch?v=t_L2...
Reposted by Pete Markowsky
Today we released Santa v2025.3 on GitHub github.com/northpolesec....
This release includes a handful of new features.
This release includes a handful of new features.
Release v2025.3 · northpolesec/santa
Notes
If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.
Santa documentation can be found at northpole.dev.
Announcements
📣 Opt-In Stats Collection...
github.com
April 1, 2025 at 6:37 PM
Today we released Santa v2025.3 on GitHub github.com/northpolesec....
This release includes a handful of new features.
This release includes a handful of new features.
In order to learn MCP I wrote a quick server on top of
@northpolesec.bsky.social's Santa github.com/pmarkowsky/s... it provides readonly functionality and debugging.
@northpolesec.bsky.social's Santa github.com/pmarkowsky/s... it provides readonly functionality and debugging.
GitHub - pmarkowsky/santa-mcp: A PoC MCP Server for Santa
A PoC MCP Server for Santa. Contribute to pmarkowsky/santa-mcp development by creating an account on GitHub.
github.com
March 31, 2025 at 5:50 PM
In order to learn MCP I wrote a quick server on top of
@northpolesec.bsky.social's Santa github.com/pmarkowsky/s... it provides readonly functionality and debugging.
@northpolesec.bsky.social's Santa github.com/pmarkowsky/s... it provides readonly functionality and debugging.
Reposted by Pete Markowsky
March 5, 2025 at 2:43 PM
Today in adventures in open source. We've had one user make a PR to update docs 🎉
And on a call a user said thank you for what you folks are doing in the community.
Not gonna lie this is pretty great to be on the receiving end of this.
And on a call a user said thank you for what you folks are doing in the community.
Not gonna lie this is pretty great to be on the receiving end of this.
March 3, 2025 at 9:11 PM
Today in adventures in open source. We've had one user make a PR to update docs 🎉
And on a call a user said thank you for what you folks are doing in the community.
Not gonna lie this is pretty great to be on the receiving end of this.
And on a call a user said thank you for what you folks are doing in the community.
Not gonna lie this is pretty great to be on the receiving end of this.
Reposted by Pete Markowsky
📣 We’ve just released Santa v2025.2 on GitHub. github.com/northpolesec...
Some highlights include:
- Process-centric File Access Authorization rules are now in Beta!
This means FAA rules can now target all access from a given process without knowing the files that will be accessed ahead of time.
Some highlights include:
- Process-centric File Access Authorization rules are now in Beta!
This means FAA rules can now target all access from a given process without knowing the files that will be accessed ahead of time.
Release v2025.2 · northpolesec/santa
Notes
If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.
Santa documentation can be found at northpole.dev.
Announcements
📣 Opt-In Stats Collection...
github.com
February 28, 2025 at 2:44 AM
📣 We’ve just released Santa v2025.2 on GitHub. github.com/northpolesec...
Some highlights include:
- Process-centric File Access Authorization rules are now in Beta!
This means FAA rules can now target all access from a given process without knowing the files that will be accessed ahead of time.
Some highlights include:
- Process-centric File Access Authorization rules are now in Beta!
This means FAA rules can now target all access from a given process without knowing the files that will be accessed ahead of time.
Reposted by Pete Markowsky
Last night we released Santa 2025.1
github.com/northpolesec...
Notable features include:
Entitlements in the Sync Protocol
This allows you to avoid authorizing or see which applications are disabling code signing on libraries.
github.com/northpolesec...
Notable features include:
Entitlements in the Sync Protocol
This allows you to avoid authorizing or see which applications are disabling code signing on libraries.
Release v2025.1 · northpolesec/santa
Notes
If you're migrating from Google Santa, please see the Migration Guide for details on how to upgrade.
Santa documentation can be found at northpole.dev.
Fixed
❗ Fixed an issue where santactl c...
github.com
January 28, 2025 at 4:19 PM
Last night we released Santa 2025.1
github.com/northpolesec...
Notable features include:
Entitlements in the Sync Protocol
This allows you to avoid authorizing or see which applications are disabling code signing on libraries.
github.com/northpolesec...
Notable features include:
Entitlements in the Sync Protocol
This allows you to avoid authorizing or see which applications are disabling code signing on libraries.
Reposted by Pete Markowsky
Today we're excited to release Santa v2024.11!
github.com/northpolesec...
Highlights:
1. Our initial beta for standalone mode: This lets you authorize binaries using TouchID. So you can live in lockdown mode.
www.youtube.com/watch?v=Hd4t...
github.com/northpolesec...
Highlights:
1. Our initial beta for standalone mode: This lets you authorize binaries using TouchID. So you can live in lockdown mode.
www.youtube.com/watch?v=Hd4t...
Santa Standalone Mode w/Swift UI
YouTube video by Pete Markowsky
www.youtube.com
December 10, 2024 at 6:01 PM
Today we're excited to release Santa v2024.11!
github.com/northpolesec...
Highlights:
1. Our initial beta for standalone mode: This lets you authorize binaries using TouchID. So you can live in lockdown mode.
www.youtube.com/watch?v=Hd4t...
github.com/northpolesec...
Highlights:
1. Our initial beta for standalone mode: This lets you authorize binaries using TouchID. So you can live in lockdown mode.
www.youtube.com/watch?v=Hd4t...
Le sigh, I clearly need an edit button. The typos will continue until my ADHD subsides.
November 29, 2024 at 5:54 PM
Le sigh, I clearly need an edit button. The typos will continue until my ADHD subsides.
I want to see the next startup show in which the first thing a founder does is go oh shit how do I setup quickbooks and payroll? We need a company credit card!?
November 27, 2024 at 10:15 PM
I want to see the next startup show in which the first thing a founder does is go oh shit how do I setup quickbooks and payroll? We need a company credit card!?