🗂️ Navigation
📁 Infrastructure as Code
📋 IaC Compliance

📋 IaC Compliance

27 tools compared

🔧 Tools in IaC Compliance

Wiz

The Cloud Security Platform.

A comprehensive cloud security platform with IaC scanning.

For more tool information ➜

Spacelift

The most flexible and collaborative CI/CD for Infrastructure as Code.

A CI/CD platform for IaC with built-in policy and compliance features.

For more tool information ➜

CrowdStrike Falcon Cloud Security

One platform to stop cloud breaches.

A unified cloud-native application protection platform (CNAPP).

For more tool information ➜

Orca Security

The Agentless-First Cloud Security Platform.

A comprehensive cloud security platform with IaC scanning.

For more tool information ➜

Fugue by Snyk

Cloud security for developers.

A cloud security posture management (CSPM) tool with IaC capabilities.

For more tool information ➜

Open Policy Agent

Policy-based control for cloud native environments.

An open-source, general-purpose policy engine.

For more tool information ➜

SpectralOps

Automated code security.

A developer-first platform for finding and fixing security issues in code.

For more tool information ➜

Datadog Cloud Security Management

Full-stack security, from development to production.

A cloud security solution that's part of the Datadog observability platform.

For more tool information ➜

Snyk IaC

Developer-first security for Infrastructure as Code.

Find and fix security issues in Terraform, CloudFormation, Kubernetes, and ARM templates.

For more tool information ➜

Sysdig Secure

Cloud security, powered by runtime insights.

A cloud-native security platform with a focus on runtime security.

For more tool information ➜

tfsec

Security scanner for your Terraform code.

A static analysis security scanner for Terraform code.

For more tool information ➜

Lacework

The data-driven cloud security platform.

A cloud security platform that uses data and automation to drive security outcomes.

For more tool information ➜

Bridgecrew by Prisma Cloud

Developer-first cloud security.

A developer-first cloud security platform with a focus on IaC.

For more tool information ➜

Pulumi CrossGuard

Policy as Code for the Cloud.

A policy as code solution for the Pulumi platform.

For more tool information ➜

Checkov

Policy-as-code for everyone.

An open-source static analysis tool for infrastructure as code.

For more tool information ➜

Prisma Cloud by Palo Alto Networks

The most complete Cloud-Native Application Protection Platform (CNAPP).

A comprehensive cloud security platform with IaC scanning capabilities.

For more tool information ➜

Aqua Security

The Cloud Native Security Platform.

A comprehensive security platform for cloud-native applications.

For more tool information ➜

Rapid7 InsightCloudSec

Unified cloud security and compliance.

A cloud-native security platform for unified visibility and control.

For more tool information ➜

Zscaler Posture Control

Unified CNAPP to secure your cloud.

A cloud-native application protection platform (CNAPP) for unified cloud security.

For more tool information ➜

HashiCorp Sentinel

Policy as Code for Infrastructure.

A policy as code framework for HashiCorp products.

For more tool information ➜

Terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

An open-source static code analyzer for Infrastructure as Code.

For more tool information ➜

Tenable.cs

Secure the entire cloud-native stack.

A cloud-native security platform with IaC scanning.

For more tool information ➜

Qualys Cloud Platform

The all-in-one platform for IT, security and compliance.

A comprehensive security and compliance platform with IaC scanning.

For more tool information ➜

KICS by Checkmarx

Keeping Infrastructure as Code Secure

An open-source solution for static analysis of IaC.

For more tool information ➜

Regula

A tool that evaluates infrastructure as code for security and compliance.

An open-source tool for checking IaC against security and compliance policies.

For more tool information ➜

Cloud Custodian

Rules engine for cloud security, cost optimization, and governance.

An open-source rules engine for managing public cloud accounts.

For more tool information ➜

Turbot Pipes

Query everything. Code your controls. Automate your operations.

An open-source tool for querying and managing your cloud environment.

For more tool information ➜