Scanning Infrastructure as Code (IaC) for vulnerabilities

24 Aug 2022

DevSecOps GitHub IaC Security SecurityScanning snyk Terraform

YouTube Video

In the modern world where it feels like every sentence has a Dev⭐Ops word in it, 1 that is probably used more than most is DevSecOps. When teams focus on DevSecOps they make sure to integrate security into every phase of development, this includes scanning for vulnerabilities as soon as possible.

This videos shows you briefly how you can use Snyk to scan your terraform templates for vulnerabilities from your CLI as well as part of every commit pushed to GitHub.

Posted originally on 24 Aug 2022 on Dev⭐Ops.

Make sure you take a look in the description of the video on YouTube for shared links.

 

All code from this demo can be found on GitHub at https://github.com/DevStarOps-org/Scanning-IaC-for-vulnerabilities.