Posts in 2022

  • Securely scanning Argos pipelines with policy as code

    Monday, November 21, 2022 in 2022

    Among their many advantages, GitOps pipelines enable teams to run automated security tests using codified policies. Since your Git repository reflects your infrastructure configurations, scanning your Infrastructure as Code (IaC) repository is a …

    Read more

  • Improving Kubernetes Security

    Monday, November 14, 2022 in 2022

    Given the mind-boggling rate of innovation and adoption of cloud native technologies, the Terrascan team at Tenable has resolved to help cloud native development teams identify and mitigate more vulnerabilities than ever. Terrascan provides a great …

    Read more

Posts in 2021

  • Terrascan Expands Beyond Policy as Code for IaC

    Thursday, December 02, 2021 in 2021

    Featured Image for Terrascan Expands Beyond Policy as Code for IaC

    Terrascan emerged from the need for a scalable way to ensure that cloud infrastructure configuration adheres to evolving security best practices. It helps identify issues such as missing or misconfigured encryption on resources and communication, and …

    Read more

  • Automating Terraform Security

    Wednesday, May 19, 2021 in 2021

    Featured Image for Automating Terraform Security with pre-commit-terraform and Terrascan

    One of the best things about using Terraform to manage your systems is that best practices can be defined and applied to your templates in a manner similar to what is done with application code. This means that linting and testing the infrastructure …

    Read more

  • Terrascan in Atlantis Workflows

    Monday, May 03, 2021 in 2021

    Featured Image for Terraform Security: Terrascan in Atlantis Workflows

    Atlantis is a popular open source automation platform for Terraform that leverages an organization’s code repository, such as Git, to streamline and automate Terraform workflows. At its most basic: New Terraform code is introduced as a pull request …

    Read more

Posts in 2020

  • Kustomize gets Policy as Code with Terrascan

    Tuesday, November 17, 2020 in 2020

    Featured Image for Kustomize gets Policy as Code with Terrascan

    Most organizations – in fact, over 78% – leverage Kubernetes in their move to cloud-native applications. This powerful and flexible platform enables teams to deploy and manage sophisticated systems while delivering innovation to market …

    Read more

  • Terrascan extends Policy as Code to Kubernetes

    Wednesday, September 16, 2020 in 2020

    Featured Image for Terrascan extends Policy as Code to Kubernetes

    Accurics is excited to announce Terrascan v1.1.0, with Kubernetes (k8s) support! Cloud native apps and infrastructure are notoriously complex and difficult to secure with traditional tools, and kubernetes adds automation and orchestration that …

    Read more

  • Terrascan Leverages OPA to Make Policy as Code Extensible

    Monday, August 17, 2020 in 2020

    Featured Image for Terrascan Leverages OPA to Make Policy as Code Extensible

    I’m really excited about our release of Terrascan v1.0! Brief history of Terrascan and Accurics When I created Terrascan, I was working on a big cloud migration project, doing assessments on my employer’s cloud security posture. One of the most …

    Read more

  • Announcing Terrascan

    Wednesday, June 24, 2020 in 2020

    Featured Image for Securing Infrastructure as Code Using Terrascan

    I remember one of my first public cloud projects. We created a cross functional team that included representatives from the business, developers, architects, security, and operations. The goal was to have a minimum viable product for an important …

    Read more