terrascan

Detect compliance and security violations across Infrastructure as Code (IaC) to mitigate risk before provisioning cloud native infrastructure.

Policy as Code for Secure Cloud Infrastructure

As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terrascan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages the Open Policy Agent (OPA) engine so that you can easily create custom policies using the Rego query language.

Get Started

Follow the documentation to get scanning as quickly as possible!

Read more …

Contributions welcome!

We do a Pull Request contributions on GitHub. New users are always welcome!

Read more …

Follow us on Twitter!

For announcement of latest features etc.

Read more …

Meet, share and collaborate with other Terrascan users and contributors on our Community On Discord

Join the Tenable Community Discord

Tenable is a member of