Posts in 2022
-
Test your cloud-native IaC in your browser with the Terrascan Sandbox
Friday, December 09, 2022 in 2022
Terrascan is open-source software from Tenable that scans infrastructure-as-code (IaC) for security misconfigurations and violations before the code is provisioned into cloud-native infrastructure. Now, you can try Terrascan right from your browser …
-
Securely scanning Argos pipelines with policy as code
Wednesday, December 07, 2022 in 2022
Among their many advantages, GitOps pipelines enable teams to run automated security tests using codified policies. Since your Git repository reflects your infrastructure configurations, scanning your Infrastructure as Code (IaC) repository is a …
-
Improving Kubernetes Security
Monday, November 14, 2022 in 2022
Given the mind-boggling rate of innovation and adoption of cloud native technologies, the Terrascan team at Tenable has resolved to help cloud native development teams identify and mitigate more vulnerabilities than ever. Terrascan provides a great …
Posts in 2021
-
Terrascan Expands Beyond Policy as Code for IaC
Thursday, December 02, 2021 in 2021
Terrascan emerged from the need for a scalable way to ensure that cloud infrastructure configuration adheres to evolving security best practices. It helps identify issues such as missing or misconfigured encryption on resources and communication, and …
-
Automating Terraform Security
Wednesday, May 19, 2021 in 2021
One of the best things about using Terraform to manage your systems is that best practices can be defined and applied to your templates in a manner similar to what is done with application code. This means that linting and testing the infrastructure …
-
Terrascan in Atlantis Workflows
Monday, May 03, 2021 in 2021
Atlantis is a popular open source automation platform for Terraform that leverages an organization’s code repository, such as Git, to streamline and automate Terraform workflows. At its most basic: New Terraform code is introduced as a pull request …
Posts in 2020
-
Kustomize gets Policy as Code with Terrascan
Tuesday, November 17, 2020 in 2020
Most organizations – in fact, over 78% – leverage Kubernetes in their move to cloud-native applications. This powerful and flexible platform enables teams to deploy and manage sophisticated systems while delivering innovation to market …
-
Terrascan extends Policy as Code to Kubernetes
Wednesday, September 16, 2020 in 2020
Accurics is excited to announce Terrascan v1.1.0, with Kubernetes (k8s) support! Cloud native apps and infrastructure are notoriously complex and difficult to secure with traditional tools, and kubernetes adds automation and orchestration that …
-
Terrascan Leverages OPA to Make Policy as Code Extensible
Monday, August 17, 2020 in 2020
I’m really excited about our release of Terrascan v1.0! Brief history of Terrascan and Accurics When I created Terrascan, I was working on a big cloud migration project, doing assessments on my employer’s cloud security posture. One of the most …
-
Announcing Terrascan
Wednesday, June 24, 2020 in 2020
I remember one of my first public cloud projects. We created a cross functional team that included representatives from the business, developers, architects, security, and operations. The goal was to have a minimum viable product for an important …