<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>compliance Archives - Tech Chronicles</title>
	<atom:link href="http://kostacipo.stream/tag/compliance/feed/" rel="self" type="application/rss+xml" />
	<link>http://kostacipo.stream/tag/compliance/</link>
	<description>Ramblings of a Tech Dude</description>
	<lastBuildDate>Fri, 04 Dec 2020 12:46:38 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.3</generator>

<image>
	<url>https://kostacipo.stream/wp-content/uploads/2019/12/cropped-profile-32x32.jpg</url>
	<title>compliance Archives - Tech Chronicles</title>
	<link>http://kostacipo.stream/tag/compliance/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Terrascan &#8211; Detect Compliance And Security Violations</title>
		<link>http://kostacipo.stream/terrascan-detect-compliance-and-security-violations/</link>
					<comments>http://kostacipo.stream/terrascan-detect-compliance-and-security-violations/#respond</comments>
		
		<dc:creator><![CDATA[Majordomo]]></dc:creator>
		<pubDate>Fri, 04 Dec 2020 12:46:38 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<category><![CDATA[DevOps]]></category>
		<category><![CDATA[compliance]]></category>
		<category><![CDATA[infrastructure as code]]></category>
		<category><![CDATA[terrascan]]></category>
		<guid isPermaLink="false">http://www.kostacipo.stream/?p=1951</guid>

					<description><![CDATA[<p>Terrascan &#8211; Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure GitHub Repo: https://github.com/accurics/terrascan Documentation: https://docs.accurics.com Discuss: https://community.accurics.com Features 500+ Policies for security best practices Scanning of Terraform 12+ (HCL2) Scanning of Kubernetes (JSON/YAML), Helm v3, and Kustomize v3 Support for AWS, Azure, GCP, Kubernetes and GitHub [&#8230;]</p>
<p>The post <a href="http://kostacipo.stream/terrascan-detect-compliance-and-security-violations/">Terrascan &#8211; Detect Compliance And Security Violations</a> appeared first on <a href="http://kostacipo.stream">Tech Chronicles</a>.</p>
]]></description>
										<content:encoded><![CDATA[<h1 class="post-title entry-title">Terrascan &#8211; Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure</h1>
<article>
<div id="post-body-957222010766586678" class="post-body entry-content">
<ul>
<li>GitHub Repo: <a title="https://github.com/accurics/terrascan" href="https://github.com/accurics/terrascan" target="_blank" rel="nofollow noopener noreferrer">https://github.com/accurics/terrascan</a></li>
<li>Documentation: <a title="https://docs.accurics.com" href="https://docs.accurics.com" target="_blank" rel="nofollow noopener noreferrer">https://docs.accurics.com</a></li>
<li>Discuss: <a title="https://community.accurics.com" href="https://community.accurics.com" target="_blank" rel="nofollow noopener noreferrer">https://community.accurics.com</a></li>
</ul>
<p><b>Features</b></p>
<ul>
<li>500+ Policies for security best practices</li>
<li>Scanning of Terraform 12+ (HCL2)</li>
<li>Scanning of Kubernetes (JSON/YAML), Helm v3, and Kustomize v3</li>
<li>Support for AWS, Azure, GCP, Kubernetes and GitHub</li>
</ul>
<p><b>Installing</b><br />
Terrascan&#8217;s binary for your architecture can be found on the <a title="releases" href="https://github.com/accurics/terrascan/releases" target="_blank" rel="nofollow noopener noreferrer">releases</a> page. Here&#8217;s an example of how to install it:</p>
<div>
<pre><code>$ curl --location https://github.com/accurics/terrascan/releases/download/v1.2.0/terrascan_1.2.0_Darwin_x86_64.tar.gz --output terrascan.tar.gz
$ tar -xvf terrascan.tar.gz
  x CHANGELOG.md
  x LICENSE
  x README.md
  x terrascan
$ install terrascan /usr/local/bin
$ terrascan</code></pre>
</div>
<p>If you have go installed, Terrascan can be installed with <code>go get</code></p>
<pre><code>$ export GO111MODULE=on
$ go get -u github.com/accurics/terrascan/cmd/terrascan
  go: downloading github.com/accurics/terrascan v1.2.0
  go: found github.com/accurics/terrascan/cmd/terrascan in github.com/accurics/terrascan v1.2.0
  ...
$ terrascan
</code></pre>
<p><b>Install via <code>brew</code></b><br />
<a title="Homebrew" href="https://brew.sh/" target="_blank" rel="nofollow noopener noreferrer">Homebrew</a> users can install by:</p>
<div>
<pre><code>$ brew install terrascan</code></pre>
</div>
<p><b>Docker</b><br />
Terrascan is also available as a Docker image and can be used as follows</p>
<div>
<pre><code>$ docker run accurics/terrascan</code></pre>
</div>
<p><b>Building Terrascan</b><br />
Terrascan can be built locally. This is helpful if you want to be on the latest version or when developing Terrascan.</p>
<div>
<pre><code>$ git clone git@github.com:accurics/terrascan.git
$ cd terrascan
$ make build
$ ./bin/terrascan</code></pre>
</div>
<p><b>Getting started</b><br />
To scan your code for security issues you can run the following (defaults to scanning Terraform).</p>
<div>
<pre><code>$ terrascan scan</code></pre>
</div>
<p>Terrascan will exit 3 if any issues are found.</p>
<p>The following commands are available:</p>
<div>
<pre><code>$ terrascan
Terrascan

An advanced IaC (Infrastructure-as-Code) file scanner written in Go.
Secure your cloud deployments at design time.
For more information, please visit https://www.accurics.com

Usage:
  terrascan [command]

Available Commands:
  help        Help about any command
  init        Initialize Terrascan
  scan        Scan IaC (Infrastructure-as-Code) files for vulnerabilities.
  server      Run Terrascan as an API server

Flags:
  -c, --config-path string   config file path
  -h, --help                 help for terrascan
  -l, --log-level string     log level (debug, info, warn, error, panic, fatal) (default "info")
  -x, --log-type string      log output type (console, json) (default "console")
  -o, --output-type string   output type (json, yaml, xml) (default "yaml")
  -v, --version              version for terrascan

Use "terrascan [command] --help" for    more information about a command.</code></pre>
</div>
<p><b>Documentation</b><br />
To learn more about Terrascan check out the documentation <a title="https://docs.accurics.com" href="https://docs.accurics.com" target="_blank" rel="nofollow noopener noreferrer">https://docs.accurics.com</a> where we include a getting started guide, Terrascan&#8217;s architecture, a breakdown of it&#8217;s commands, and a deep dive into policies.</p>
<p><b>Developing Terrascan</b><br />
To learn more about developing and contributing to Terrascan refer to the <a title="contributing guide" href="https://github.com/accurics/terrascan/blob/master/CONTRIBUTING.md" target="_blank" rel="nofollow noopener noreferrer">contributing guide</a>.</p>
<div><b><a class="kiploit-download" title="Download Terrascan" href="https://github.com/accurics/terrascan" target="_blank" rel="nofollow noopener noreferrer">Download Terrascan</a></b></div>
</div>
</article>
<p>The post <a href="http://kostacipo.stream/terrascan-detect-compliance-and-security-violations/">Terrascan &#8211; Detect Compliance And Security Violations</a> appeared first on <a href="http://kostacipo.stream">Tech Chronicles</a>.</p>
]]></content:encoded>
					
					<wfw:commentRss>http://kostacipo.stream/terrascan-detect-compliance-and-security-violations/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
