Tenable announced the new features of Terrascan, the open source cloud native security analyzer that supports developers secure Infrastructure as Code(IaC). The new capabilities allow businesses to include security into their DevOps tooling, pipelines, and supply chains, reducing risk before infrastructure is deployed.
“It’s now more critical than ever for developers to have tools that can detect compliance and security violations across their entire cloud systems, including IaC,” said Nico Popp chief product officer, Tenable.
He added, “Just as IaC opens the door to programmatically embed policy checks earlier in the development lifecycle, Terrascan detects compliance and security violations across IaC to mitigate risk before provisioning. We are committed to ensuring Terrascan remains open and available to all development teams and are excited to contribute to its growth.”
Among other advances, Terrascan now features:
Terrascan provides a scalable solution for ensuring that cloud infrastructure configurations follow changing security best practices. It aids in the detection of vulnerabilities such as missing or misconfigured encryption on resources and communications, as well as unintended cloud service exposure. Terrascan significantly improves the value of IaC, which is used by enterprises to define and manage cloud infrastructure, while also enhancing security by allowing teams to identify and eliminate risk before infrastructure is deployed.