🔧 Tools in IaC SAST

Spacelift

The most flexible and sophisticated CI/CD for Infrastructure as Code.

A specialized CI/CD platform for IaC that provides automation, collaboration, and governance, with built-in security scanning.

Wiz

The Cloud Security Platform.

An agentless CNAPP that provides full-stack visibility of cloud risks, connecting IaC issues to runtime context.

GitGuardian IaC Security

Automated IaC security and compliance.

Scans infrastructure-as-code files for misconfigurations and security issues within the software development lifecycle.

Orca Security

Agentless Cloud Security. Instant-On. 100% Coverage.

A comprehensive, agentless CNAPP that provides full-stack visibility into cloud environments, including IaC security.

Snyk IaC

Developer-first security for your infrastructure as code.

Finds and fixes security issues in Terraform, CloudFormation, Kubernetes, and ARM templates.

Prisma Cloud (Checkov)

The most comprehensive Cloud Native Application Protection Platform (CNAPP).

Secures applications from code to cloud, including IaC scanning with the open-source engine Checkov.

Datadog Cloud Security Management

Full-stack security, from development to production.

Integrates security into the Datadog observability platform, providing IaC scanning, CSPM, and threat detection.

Lacework

The AI-powered Cloud Security Platform.

A data-driven CNAPP that uses machine learning to automate cloud security, from IaC scanning to threat detection.

Tenable Cloud Security (Terrascan)

Identify and address cloud security risks with confidence.

A CNAPP solution that includes IaC scanning, CSPM, and workload protection, utilizing the open-source Terrascan engine.

Aqua Security (tfsec, Trivy)

Stop cloud native attacks. From code to cloud and back.

A full-lifecycle CNAPP that secures applications from development to production, featuring IaC scanning via tfsec and Trivy.

Checkmarx KICS

Keeping Infrastructure as Code Secure.

Open-source solution for static analysis of IaC, finding security vulnerabilities, compliance issues, and misconfigurations.
