Published : Apr 03, 2024
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar.
Understand more
Apr 2024
Trial
Terrascan is a static code analyzer for infrastructure as code (IaC) designed to detect security vulnerabilities and compliance issues before provisioning cloud-native infrastructure. It supports scanning for Terraform, Kubernetes (JSON/YAML), Helm, AWS CloudFormation, Azure Resource Manager, Dockerfiles and GitHub. The default policy pack covers all the major cloud providers, GitHub, Docker and Kubernetes. Our teams use Terrascan locally as a pre-commit hook and integrate it into CI pipelines to detect IaC vulnerabilities and violations.