Which tool is typically employed to check for security standard deviations in cloud infrastructure?

The tool typically employed to check for security standard deviations in cloud infrastructure is Cloud Security Posture Management (CSPM). CSPM solutions are designed to continuously monitor cloud environments for compliance with security policies and best practices. They assess configurations, provisioned resources, and account settings against defined security standards and governance frameworks.

By employing CSPM, organizations can identify and automatically remediate misconfigurations or deviations from security policies, thereby reducing the risk of vulnerabilities that could be exploited by attackers. This proactive approach aids in maintaining a secure cloud environment and ensures that security measures are effectively implemented across all cloud resources.

In contrast, other options serve different purposes. For example, a Cloud Data Scanner focuses on identifying sensitive data stored within cloud environments. Dependency-Check is a tool used in software development to identify vulnerabilities in project dependencies. A Static Code Analyzer checks source code for potential errors and security vulnerabilities but does not address the broader concerns of cloud infrastructure security. Thus, CSPM is distinctly suited for evaluating and maintaining compliance within cloud infrastructures.