IaC Security
Compare 132 iac security tools to find the right one for your needs
📂 Subcategories
🔧 Tools
Compare and find the best iac security for your needs
Spacelift
A specialized CI/CD platform for IaC that provides automation, collaboration, and governance, with built-in security scanning.
Kubescape
A tool for risk analysis, security, compliance, and misconfiguration scanning in Kubernetes.
Wiz
A CNAPP that provides full-stack visibility and risk assessment for your cloud environment.
CrowdStrike Falcon Cloud Security
Extends CrowdStrike's EDR leadership to cloud security.
Snyk IaC
Finds and fixes misconfigurations in Terraform, CloudFormation, Kubernetes, and ARM templates within developer workflows.
Spacelift
A CI/CD platform for IaC with built-in policy and compliance features.
Open Policy Agent (OPA)
An open-source, general-purpose policy engine.
Wiz
An agentless CNAPP that provides full-stack visibility of cloud risks, connecting IaC issues to runtime context.
Wiz
A CNAPP that provides full stack visibility and security.
Terrascan
An open-source static code analysis tool for IaC that helps detect security and compliance violations.
GitGuardian
A platform for automated secrets detection and remediation.
GitGuardian IaC Security
Scans infrastructure-as-code files for misconfigurations and security issues within the software development lifecycle.
Orca Security
Provides comprehensive, agentless security and compliance for the cloud.
CrowdStrike Falcon Cloud Security
A cloud security platform that provides breach protection for the entire cloud estate.
Checkov
An open-source static analysis tool for scanning IaC to find misconfigurations before they're deployed.
Orca Security
An agentless cloud security platform that provides 100% visibility into your cloud environment.
tfsec
A static analysis security scanner for Terraform code.
Orca Security
A comprehensive, agentless CNAPP that provides full-stack visibility into cloud environments, including IaC security.
Lacework
Automates cloud security and compliance for multicloud environments.
tfsec
An open-source tool that performs static analysis of Terraform code to spot misconfigurations and security issues.
Fugue by Snyk
A cloud security posture management (CSPM) tool with IaC capabilities.
Trivy
An open-source scanner for vulnerabilities, misconfigurations, secrets, and SBOM.
Snyk IaC
Finds and fixes security issues in Terraform, CloudFormation, Kubernetes, and ARM templates.
Snyk
Finds and fixes vulnerabilities in code, open source, containers, and IaC.
KICS
An open-source static analysis tool from Checkmarx that finds security vulnerabilities and misconfigurations in IaC.
Open Policy Agent
An open-source, general-purpose policy engine.
Checkov
Scans cloud infrastructure configurations to find misconfigurations before they're deployed.
Prisma Cloud (Checkov)
Secures applications from code to cloud, including IaC scanning with the open-source engine Checkov.
Prisma Cloud by Palo Alto Networks
Secures applications from code to cloud across multicloud environments.
SpectralOps
A developer-first platform for finding and fixing security issues in code.
Prisma Cloud
A comprehensive Cloud Native Application Protection Platform (CNAPP).
Datadog Cloud Security Management
Integrates security into the Datadog observability platform, providing IaC scanning, CSPM, and threat detection.
Datadog Cloud Security Management
A cloud security solution from Datadog that includes CSPM, CWP, and IaC scanning.
Terrascan
A static code analyzer for Infrastructure as Code.
Lacework
A data-driven CNAPP that uses machine learning to automate cloud security, from IaC scanning to threat detection.
Snyk IaC
Find and fix security issues in your Terraform, CloudFormation, Kubernetes, and ARM configurations.
KICS
An open-source IaC static analysis tool by Checkmarx.
Tenable Cloud Security (Terrascan)
A CNAPP solution that includes IaC scanning, CSPM, and workload protection, utilizing the open-source Terrascan engine.
Sysdig Secure
A cloud-native security platform that provides threat detection, compliance, and vulnerability management.
Aqua Security (tfsec, Trivy)
A full-lifecycle CNAPP that secures applications from development to production, featuring IaC scanning via tfsec and Trivy.
TFLint
A static analysis tool focused on linting Terraform code.
Cloudanix
A unified platform for code, cloud, identity, and workload security.
Deepfactor
A runtime application security platform that includes IaC scanning.
Jit
A DevSecOps platform that simplifies and automates security.
Styra Declarative Authorization Service (DAS)
An enterprise management plane for Open Policy Agent (OPA) to operationalize authorization and policy.
Lightspin by Cisco
A CNAPP that prioritizes risks using attack path analysis.
Runecast
Proactive security and compliance analysis for hybrid clouds.
Open Policy Agent (OPA)
Open-source, general-purpose policy engine.
Trivy
A versatile security scanner that finds vulnerabilities, misconfigurations, secrets, and SBOMs in a variety of targets.
oak9
An IaC security platform that helps developers build secure and compliant cloud native applications.
Prowler
An open-source security tool for AWS, Azure, and GCP that performs security assessments, audits, and hardening.
Trivy
Versatile open-source scanner for vulnerabilities, misconfigurations, and more.
oak9
An Infrastructure as Code security platform that is designed for developers.
tfsec
Open-source static analysis for Terraform.
Checkov
An open-source static analysis tool for infrastructure as code.
env0
An IaC automation platform that helps you manage and govern your cloud environments.
Spacelift
A CI/CD platform that helps you manage and automate your IaC deployments with policy as code.
GitGuardian
A platform that helps you detect and remediate secrets in your code and monitor your software supply chain.
oak9
Dynamically secure Infrastructure as Code (IaC) and deployed cloud-native workloads.
Lightspin
A CNAPP that provides a contextual view of cloud security risks.
SentinelOne Singularity Cloud
A cloud security platform that provides autonomous threat protection for cloud workloads and environments.
GitHub Advanced Security
A suite of security features for GitHub that helps you find and fix vulnerabilities in your code.
Trivy
A simple and comprehensive vulnerability scanner for containers and other artifacts, including IaC.
Wiz
A CNAPP platform that provides full-stack visibility and context to find, fix, and prevent risks in the cloud.
Checkov
Open-source static analysis for IaC.
Orca Security
A CNAPP that provides comprehensive visibility and security for your cloud estate without agents.
CrowdStrike Falcon Cloud Security
A CNAPP that extends CrowdStrike's leading endpoint security to protect the entire cloud estate.
SpectralOps
A developer-first security platform that scans code, configuration, and other assets for security issues.
Fugue
A cloud security posture management (CSPM) tool with a focus on IaC security and compliance.
Lacework
A CNAPP that provides automated threat detection, configuration compliance, and workload protection.
Pulumi
An IaC platform that allows you to use general-purpose programming languages to provision and manage cloud infrastructure.
Datadog Cloud Security Management
Integrates security into the Datadog observability platform, providing posture management and threat detection.
KICS by Checkmarx
Open-source IaC security scanning tool.
Datadog Cloud Security Management
Detects threats and misconfigurations across the full cloud stack.
HashiCorp Sentinel
An embedded policy-as-code framework integrated with the HashiCorp Enterprise products.
Pulumi CrossGuard
A policy as code solution for the Pulumi platform.
Snyk IaC
Scans IaC files for misconfigurations and security vulnerabilities, integrating into developer workflows.
Bridgecrew by Prisma Cloud
A developer-first cloud security platform with a focus on IaC.
Accurics by Tenable
Provides security and governance from code to cloud.
Snyk Infrastructure as Code
Find and fix security issues in your Terraform, CloudFormation, Kubernetes, and ARM configurations.
tfsec
A static analysis security scanner for Terraform code.
Lacework
A CNAPP that provides automated threat detection, compliance, and workload protection.
Fugue
A CNAPP that provides end-to-end security for cloud environments, from IaC to runtime.
SonarCloud
A cloud-based code quality and security service.
Snyk IaC
Find and fix security issues in your IaC files.
Veracode
A comprehensive application security platform that helps organizations secure their software.
GitLab Ultimate
A complete DevOps platform that includes integrated security capabilities, including IaC scanning.
Rapid7 InsightCloudSec
Comprehensive cloud security posture management (CSPM) and workload protection (CWPP).
Aqua Security
Secures applications from code to cloud and back.
Rapid7 InsightCloudSec
A cloud-native security platform for unified visibility and control.
Terrascan
Open-source static code analyzer for IaC.
Sysdig Secure
A CNAPP built on runtime insights from Falco.
Zscaler Posture Control
Provides unified CNAPP to secure cloud applications.
Pulumi Policy as Code
An integrated policy as code solution for the Pulumi IaC platform.
CloudSploit by Aqua
Open-source and commercial tool for cloud security posture monitoring.
Zscaler Posture Control
A cloud-native application protection platform (CNAPP) for unified cloud security.
Aqua Security
A comprehensive security platform for cloud-native applications, from development to production.
Sysdig Secure
A CNAPP built on a foundation of deep runtime visibility, powered by Falco.
Checkov
An open-source static analysis tool for scanning infrastructure as code (IaC) files for misconfigurations.
Prisma Cloud by Palo Alto Networks
A comprehensive cloud security platform that includes IaC scanning and compliance.
HashiCorp Sentinel
A policy as code framework for HashiCorp products.
Prisma Cloud (by Palo Alto Networks)
A comprehensive cloud security platform that includes IaC scanning.
Tenable Cloud Security (incorporating Terrascan)
Provides unified visibility and security for the entire cloud attack surface.
Tenable.cs
A cloud-native application protection platform (CNAPP) from Tenable.
KICS
An open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in IaC.
Aqua Security
A CNAPP focused on securing the entire lifecycle of container-based and cloud-native applications.
Tenable.cs
A cloud-native security platform with IaC scanning.
Terrascan
An open-source static code analyzer for Infrastructure as Code.
KICS
An open-source static analysis tool for Infrastructure as Code.
Qualys Cloud Platform
A comprehensive security and compliance platform with IaC scanning.
Tenable Cloud Security
A cloud security platform that provides visibility and control over cloud environments, including IaC security.
Checkmarx One
A comprehensive application security platform that includes IaC scanning with KICS.
Bridgecrew
Automate cloud security from code to cloud.
Checkmarx KICS
Open-source solution for static analysis of IaC, finding security vulnerabilities, compliance issues, and misconfigurations.
KICS by Checkmarx
An open-source solution for static analysis of IaC.
Bridgecrew
A developer-first platform for cloud security, focusing on infrastructure as code.
Regula
An open-source tool that evaluates Terraform and CloudFormation for misconfigurations using Rego.
CloudQuery
An open-source tool that extracts, transforms, and loads cloud configuration into a database for analysis.
Open Policy Agent (OPA)
A versatile policy engine that can be used to enforce policies in various systems, including IaC.
Mondoo
Policy-as-code platform for security and compliance.
Regula
An open-source policy engine for checking IaC against security and compliance rules.
Cloud Custodian
An open-source rules engine for managing public cloud accounts.
Horusec
Orchestration tool for SAST, SCA, and IaC scanning.
Checkmarx KICS
An open-source solution for static analysis of IaC, finding security vulnerabilities, compliance issues, and misconfigurations.
Turbot Pipes
An open-source tool for querying and managing your cloud environment.
Driftctl
Open-source tool to manage IaC drift.
Terrascan
An open-source static code analyzer for IaC that helps you detect security and compliance issues.
tfsec
An open-source static analysis tool for Terraform that checks for security misconfigurations.
Accurics
A cloud security platform that enables cyber resilience through policy as code.
Regula
An open-source tool that evaluates IaC against policies.
Open Policy Agent (OPA)
An open-source, general-purpose policy engine.
Prowler
An open-source tool for AWS security assessment, auditing, hardening, and incident response.