...
3. Terrascan: A static code analyser for Infrastructure as Code.
4. Checkov/tfsec: [Need to finalise any oneGoing ahead with tfsec]
| Code Block |
|---|
Checkov:
🔘 Checkov is a static code analysis tool for infrastructure-as-code.
🔘 It scans cloud infrastructure provisioned using:
- Terraform
- Terraform plan
- Cloudformation
- AWS SAM
- Kubernetes
- Helm charts
- Kustomize
- Dockerfile
- Serverless
🔘 Detects security and compliance misconfigurations using graph-based scanning.
|
...