confectionery
A library of rules for Conftest used to detect misconfigurations within Terraform configuration files (by cigna)
tool-compare
By iacsecurity
Our great sponsors
confectionery | tool-compare | |
---|---|---|
2 | 4 | |
191 | 269 | |
0.5% | 0.0% | |
0.0 | 0.0 | |
over 1 year ago | over 1 year ago | |
Open Policy Agent | HCL | |
Apache License 2.0 | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
confectionery
Posts with mentions or reviews of confectionery.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-05-27.
-
Adding Some Sweetness to your Infra-as-Code with Confectionery
In order to give some flexibility to consumers of the library, exceptions are also supported. As noted in the documentation this leverages Regula's implementation. This allows waiving or disabled of rules on a number of factors. Let's try waiving the rule that is failing on our two keys
- Static scanning rule library for Terraform misconfigurations
tool-compare
Posts with mentions or reviews of tool-compare.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-05-27.
-
Static scanning rule library for Terraform misconfigurations
Is your plan to maintain this at the long term level? If so, you may want to enter it as a tool in the tool-compare repo: https://github.com/iacsecurity/tool-compare
-
Static analysis / SAST - which tool(s) are you using?
This repo does a static analysis tool comparison: https://github.com/iacsecurity/tool-compare
-
AWS open source news and updates #67
tool-compare a nice simple tool helps you compare various infrastructure as code (IaC) open source security tools. This allows you to see what the tool can do, and how it compares, before even installing it. Currently supporting Checkov, Indeni Cloudrail,Kics, Snyk, Terrascan and Tfsec.
-
Are there any benefits of running both TFSec and Checkov in CI? Or is it better to choose one?
There's some overlap in the issues they catch, but some differences. Here's a public repo that tracks this: https://github.com/iacsecurity/tool-compare