Which technologies are scanned by Terrascan for security and compliance issues?

Terrascan is a static code analysis tool specifically designed to scan infrastructure as code (IaC) and cloud-native technologies for security and compliance issues. The primary focus of Terrascan is on Terraform and Kubernetes, which are widely used for provisioning and managing cloud infrastructure.

Terraform is an open-source infrastructure as code tool that allows users to define and provision their infrastructure using a declarative configuration language. It facilitates the management of cloud resources in a systematic manner, making it essential for organizations looking to maintain security and compliance across their infrastructure.

Kubernetes is an orchestration platform for managing containerized applications, providing automation for deployment, scaling, and operations of application containers across clusters of hosts. As organizations increasingly adopt containerization for agility and scalability, ensuring security in Kubernetes configurations is crucial.

By focusing on these technologies, Terrascan helps organizations identify misconfigurations and security vulnerabilities in their infrastructure code before deployment, thereby mitigating risks associated with insecure configurations in cloud environments.