Terraform Security Scanner

Terraform Security Scanner

Static analysis of Infrastructure as Code (Terraform HCL):

• Misconfiguration Detection — Scans .tf files for security issues: public S3 buckets, open security groups, unencrypted databases.
• Compliance Mapping — Maps findings to CIS Benchmarks, SOC2, HIPAA, and PCI-DSS controls.
• Drift Detection — Compares Terraform state with actual cloud resources to identify manual changes.
• Secret Scanning — Detects hardcoded credentials, API keys, and tokens in HCL files and variable definitions.
• CI/CD Integration — GitHub Actions, GitLab CI, and Jenkins plugins for automated scanning on every pull request.