tfsec

tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take effect. Checks for misconfigurations across all major (and some minor) cloud providers. Applies (and embellishes) user-defined Rego policies. Supports multiple output formats: CLI, JSON, SARIF, CSV, CheckStyle, and JUnit. Configurable (via CLI flags and/or config file). Very fast, capable of quickly scanning huge repositories. Plugins for popular IDEs available (JetBrains, VSCode and Vim).

Features

Hundreds of built-in rules
Scans modules (local and remote)
Evaluates HCL expressions as well as literal values
Evaluates Terraform functions
Evaluates relationships between Terraform resources
Compatible with the Terraform CDK

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow tfsec

tfsec Web Site

Other Useful Business Software

Passwordless Authentication and Passwordless Security

Identity is everything. Protect it with Duo.

It’s no secret — passwords can be a real headache, both for the people who use them and the people who manage them. Over time, we’ve created hundreds of passwords, it’s easy to lose track of them and they’re easily compromised. Fortunately, passwordless authentication is becoming a feasible reality for many businesses. Duo can help you get there.

Get a Free Trial

Rate This Project

User Reviews

Be the first to post a review of tfsec!

Additional Project Details

Operating Systems

Linux

Programming Language

Related Categories

Go Vulnerability Scanners, Go Static Code Analysis Tool

Registered

2022-03-31

Similar Business Software

Kiuwan Code Security

Security Solutions For Your DevOps Process. Automatically scan your code to identify and remediate vulnerabilities. Compliant with the most stringent security standards, such as OWASP and CWE, Kiuwan Code Security covers all important languages and integrates with leading DevOps...

See Software
PHPStan

PHPStan is an open source static analysis tool for PHP that identifies bugs in your codebase without the need for writing tests. It thoroughly scans your entire code, detecting both obvious and subtle issues, including those in rarely executed conditional statements that tests might not cover....

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software

Report inappropriate content

tfsec

Security scanner for your Terraform code

Get an email when there's a new version of tfsec

Features

Project Samples

Project Activity

Categories

License

Follow tfsec

User Reviews

Additional Project Details

Operating Systems

Programming Language

Related Categories

Registered