f5-azure-arm-templates
terraform-security-scan
Our great sponsors
f5-azure-arm-templates | terraform-security-scan | |
---|---|---|
1 | 1 | |
85 | 110 | |
- | - | |
0.0 | 4.6 | |
5 months ago | 8 months ago | |
Shell | Shell | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
f5-azure-arm-templates
terraform-security-scan
-
tfsec vs chekhov vs terrascan - What do pople recommend?
While I think the major problem is how the https://github.com/triat/terraform-security-scan action works in that it compiles tfsec from scratch on each run. There is a major issue to me with how the tfsec team manages their project it seems like instead of releasing new versions of their tool they will go back and retag new code. This has introduced issues where the tfsec will just randomly fail one day because of a bug, we've had it happen about 3 times in the last four months.
What are some alternatives?
azure-quickstart-templates - Azure Quickstart Templates
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed - This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.
tfsec - Security scanner for your Terraform code
testssl.sh - Testing TLS/SSL encryption anywhere on any port
prowler - Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
dehydrated-bigip-ansible - Ansible based hooks for dehydrated to enable ACME certificate automation for F5 BIG-IP systems
aws-grafana-billing-dashboard - A Grafana dashboard for AWS billing metrics which is deployable via Terraform or cdktf
docker-android - Android in docker solution with noVNC supported and video recording
super-linter - Combination of multiple linters to install as a GitHub Action
s3-sync-action - ๐ GitHub Action to sync a directory with a remote S3 bucket ๐งบ
tfsec - Security scanner for your Terraform code [Moved to: https://github.com/aquasecurity/tfsec]