terraform scan code checkov - ghdrako/doc_snipets GitHub Wiki
Infra code check terraform/docker/ansible/helm
- https://www.checkov.io/
- https://github.com/bridgecrewio/checkov
- https://www.checkov.io/5.Policy%20Index/all.html
Great as a pre-commit option: it gives assurance that secrets do not end up in the repository. `checkov -d .; echo $?` scans the whole directory, and the exit code shows whether any policy is violated.
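The pre-commit idea above as a git hook, added here as an example and not taken from the wiki or from the Checkov project. `run_iac_gate` and `CHECKOV_BIN` are hypothetical names; `-d`, `--quiet` and `--compact` are existing Checkov options.

```bash
#!/usr/bin/env bash
# Added example: git pre-commit gate around `checkov -d`.
# run_iac_gate and CHECKOV_BIN are names made up for this sketch.

# Scan a directory. Returns 0 = clean, 1 = scan failed, 2 = scanner missing.
run_iac_gate() {
    local dir="${1:-.}"
    local bin="${CHECKOV_BIN:-checkov}"
    local rc=0

    # Fail closed: a missing scanner must not look like a clean scan.
    if ! command -v "$bin" >/dev/null 2>&1; then
        echo "pre-commit: $bin not found, refusing to commit unscanned code" >&2
        return 2
    fi

    # Read the status of checkov itself. Piping its output into another
    # command would report that command's status unless pipefail is set.
    "$bin" -d "$dir" --quiet --compact || rc=$?

    if [ "$rc" -ne 0 ]; then
        echo "pre-commit: checkov exited with $rc, commit blocked" >&2
        return 1
    fi
    return 0
}

# Run the gate only when this file is installed as .git/hooks/pre-commit.
if [ "${0##*/}" = "pre-commit" ]; then
    run_iac_gate "$(git rev-parse --show-toplevel)"
    exit $?
fi
```

To use it, save the file as `.git/hooks/pre-commit` and make it executable; git aborts the commit whenever the hook exits non-zero.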
- https://github.com/devsecops-workshop-sep24/prisma-cloud-devsecops-workshop
- https://catalog.us-east-1.prod.workshops.aws/event/dashboard/en-US/workshop/1-table-content/1-objectives
Features
- command line
- VS Code plugin
- github action
Other tools:
- veracode
- https://snyk.io/
- sentinel