This item was not updated in last three versions of the Radar. Should it have appeared in one of the more recent editions, there is a good chance it remains pertinent. However, if the item dates back further, its relevance may have diminished and our current evaluation could vary. Regrettably, our capacity to consistently revisit items from past Radar editions is limited.
Assess
Checkov is a static code analysis tool for infrastructure-as-code.
It scans cloud infrastructure provisioned using
- Terraform
- Terraform plan
- Cloudformation
- Kubernetes
and detects security and compliance misconfigurations.
At we use Checkov in CI/CD processes to get insights into our Terraform-Modules.