Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, Kubernetes, Dockerfile, Serverless or ARM Templates and detects security and compliance misconfigurations using graph-based scanning.
kubernetes aws devops cloudformation azure terraform static-analysis gcp infrastructure-as-code scans compliance helm-charts aws-security devsecops azure-security policy-as-code gcp-security kubernetes-security terraform-securityCloudQuery transforms your cloud infrastructure into queryable SQL for easy monitoring, governance and security. CloudQuery pulls, normalize, expose and monitor your cloud infrastructure and SaaS apps as SQL database. This abstracts various scattered APIs enabling you to define security, governance, cost and compliance policies with SQL. CloudQuery comes with built-in policy packs such as: AWS CIS.
aws security cis sql monitor azure gcp cloud-computing compliance cloudtrail aws-security cis-benchmark well-architected gcp-security cspm cloud-monitoringTerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
terraform aws-security goat devsecops cloud-security azure-security gcp-securityWe believe cloud-native companies need a new type of security solutions. We’ve built a team of super-hero DevOps engineers from diverse security and cloud engineering backgrounds to supply the next generation of security services. That’s how we help cloud-native companies build and operate securely using the public-cloud.
aws aws-security vpc-flow-logs gcp-security
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.