f

Author: carlospolop

src/pentesting-ci-cd/terraform-security.md

@@ -408,6 +408,21 @@ brew install tfsec
 tfsec /path/to/folder
 ```
 
+### [terrascan](https://github.com/tenable/terrascan)
+
+Terrascan is a static code analyzer for Infrastructure as Code. Terrascan allows you to:
+
+- Seamlessly scan infrastructure as code for misconfigurations.
+- Monitor provisioned cloud infrastructure for configuration changes that introduce posture drift, and enables reverting to a secure posture.
+- Detect security vulnerabilities and compliance violations.
+- Mitigate risks before provisioning cloud native infrastructure.
+- Offers flexibility to run locally or integrate with your CI\CD.
+
+```bash
+brew install terrascan
+terrascan scan -d /path/to/folder
+```
+
 ### [KICKS](https://github.com/Checkmarx/kics)
 
 Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with **KICS** by Checkmarx.