Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure
Codify Policies for Infrastructure as Code
As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terrascan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages the Open Policy Agent (OPA) engine so that you can easily create custom policies using the Rego query language.
Develop
Terrascan scans IaC in repositories
Build & Deploy
Terrascan integrates with CI/CD tools
Integrate into Your Development Pipeline
Enforcing policies throughout the development lifecycle is necessary to ensure that risks are not introduced along the way. Terracan can be integrated into your pipeline to scan IaC from code repositories such as GitHub, Bitbucket, and GitLab using an intuitive CLI interface. It can also act as a guardrail during the CI/CD phase to detect violations and block risky builds.
Review Violations
Terrascan enables you to review policy violations as soon as IaC is committed into your repository. This enables you to mitigate risks before your infrastructure is provisioned.
Join the Conversation
Chat with subject matter experts as they discuss best practices for defining, managing, and securing cloud native infrastructure throughout the development lifecycle.
Explore Advanced Capabilities
For teams with advanced requirements, we offer additional capabilities which include identifying potential breach paths, eliminating risk posture drift, and remediating through code.