Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure
Codify Policies for Infrastructure as Code
As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terrascan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages the Open Policy Agent (OPA) engine so that you can easily create custom policies using the Rego query language.