These days implementation and maintaining infrastructure is easy by using IaC (infrastructure-as-code) solutions, can make a code for doing a job once and use it repeatedly. But did you consider security when you write a code block? If you want to make sure about the security level of your Code, you must have an IaC scanner which is a Static Code Analysis tool. Let’s check Checkov as a tool for IaC scanning.

What is CheckOV?

Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, Kubernetes, Dockerfile, Serverless or ARM Templates and detects security and compliance misconfigurations using graph-based scanning.

Checkov’s Github reop

Continue reading “Running Chechov as IaC scanner on Azure DevOps” →