Technology Radar
Published : Apr 03, 2024
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar.
Understand more
Apr 2024
Trial
Terrascan 是一个用于基础设施即代码 (IaC) 的静态代码分析器,旨在云原生基础设施部署之前检测安全漏洞和合规问题。 它支持对Terraform, Kubernetes (JSON/YAML), Helm, AWS CloudFormation, Azure Resource Manager, Dockerfiles 和 GitHub 进行扫描。 默认策略包支持所有主流的云供应商, GitHub, Docker 和 Kubernetes. 我们团队在本地使用 Terrascan 作为预提交钩子(pre-commit hook) 并在 CI 流水线中集成 Terrascan 来检测 laC 漏洞和违规行为。
