Security News > 2021 > December > Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling

Tenable enhanced Terrascan, an open source cloud native security analyzer that helps developers secure Infrastructure as Code.
"It's now more critical than ever for developers to have tools that can detect compliance and security violations across their entire cloud systems, including IaC," said Nico Popp, chief product officer, Tenable.
"Just as IaC opens the door to programmatically embed policy checks earlier in the development lifecycle, Terrascan detects compliance and security violations across IaC to mitigate risk before provisioning. We are committed to ensuring Terrascan remains open and available to all development teams and are excited to contribute to its growth."
New Terrascan features The ability to identify security risks in more IaC and container definition formats.
Terrascan delivers a scalable way to ensure that cloud infrastructure configuration adheres to evolving security best practices.
Terrascan fundamentally enhances the value of IaC used by organizations to define and manage cloud infrastructure, and improves security by enabling teams to eliminate risk before infrastructure is deployed.
News URL
https://www.helpnetsecurity.com/2021/12/02/terrascan-open-source-security-analyzer/
Related news
- Why multi-cloud security needs a fresh approach to stay resilient (source)
- Fix Inventory: Open-source cloud asset inventory tool (source)
- Cloud security gains overshadowed by soaring storage fees (source)
- Hetty: Open-source HTTP toolkit for security research (source)
- NetBird: Open-source network security (source)
- IntelMQ: Open-source tool for collecting and processing security feeds (source)
- Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security (source)
- Google to purchase Wiz for $32 billion in cloud security play (source)
- Cloud providers aren’t delivering on security promises (source)
- There are 10,000 reasons to doubt Oracle Cloud's security breach denial (source)