Not The Hidden Wiki
- tfsec is a static analysis tool that scans Terraform code for security vulnerabilities and misconfigurations - link
- Snyk that detects, tracks, and alerts on infrastructure drift - link
- Checov it scans cloud infrastructure configurations to detect security and compliance misconfigurations - link
- Terrascan IaC to mitigate risk before provisioning cloud-native infrastructure. It supports frameworks:Terraform, AWS CloudFormation, and Kubernetes - link
- Terraform compliance a lightweight, security and compliance focused test framework against terraform to enable negative testing capability - link
- Ansible Collection that provides comprehensive security hardening for many Linux operating systems, MySQL, Nginx, and OpenSSH - link