openPR Logo
Press release

Accurics updates open source Terrascan to help orgs detect and fix risks in Kubernetes

09-17-2020 09:42 AM CET | IT, New Media & Software

Press release from: Accurics

/ PR Agency: Contos Dunne Communications
Accurics updates open source Terrascan to help orgs detect

Terrascan extends Policy as Code to Kubernetes

September 16, 2020

Accurics is excited to announce Terrascan v1.1.0, with Kubernetes (k8s) support! Cloud native apps and infrastructure are notoriously complex and difficult to secure with traditional tools, and kubernetes adds automation and orchestration that escalate those problems to another level. Practically speaking, security automation is mandatory because it’s not realistic to expect humans to comprehend such complex, dynamic environments.

Terrascan is an extensible, open source tool that enables teams to detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. By adding k8s support to Terrascan, we’re ensuring that all teams, regardless of budget, have access to the tools they need to secure their cloud native apps and infrastructure well before they are ever deployed in the cloud.

Release 1.1.0 works with k8s YAML and JSON configurations, and includes policies for security risks present in those files. Future releases will add support for k8s infrastructure managed through other IaC providers such as Terraform.
Using Terrascan with Kubernetes
Terrascan is usually run as a portable Go binary or a Docker container. Its command line interface can easily be adapted to run it from a terminal, a script, from within a pipeline, and numerous other contexts. To use it, simply run terrascan from a directory where your kubernetes project lives.

terrascan scan -t k8s

Terrascan defaults to scanning YAML and JSON files in the current directory and subdirectories. If your project spans multiple directories, you can use the -d option one or more times to specify which directories to scan.

By default, output is sent to the terminal in YAML format.

The structured output includes a summary of the results as well as the details needed to prioritize and fix the findings. It’s suitable for humans to read, and for programmatic processing.

We’re just getting started, and we’re excited about the opportunity to help teams secure their cloud native apps and infrastructure. Join us in the community forums for more Terrascan tips and tricks, and stay tuned for more exciting announcements about new technologies and policies that cover even more of the cloud native landscape.

##

Accurics
4695 Chabot Drive
Suite 108
Pleasanton, CA 94588
Press Contact: Paula Dunne, Contos Dunne Communications Paula@contosdunne.com

As organizations focus on driving innovation, the need for agility is driving them to embrace cloud native technologies and infrastructure as code. At Accurics, we believe that this presents a unique opportunity to rethink security. Our mission is to reduce the attack surface across cloud native infrastructure in hybrid and multi-cloud environments. We are guided by three core principles; secure Infrastructure as Code, monitor cloud infrastructure in runtime, and eliminate risk posture drift.

This release was published on openPR.

Permanent link to this press release:

Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release Accurics updates open source Terrascan to help orgs detect and fix risks in Kubernetes here

News-ID: 2135674 • Views: 581

More Releases from Accurics

Accurics Unveils GitLab Static Analysis Integration To Contextualize Risk Across …
Integration supports misconfiguration and vulnerability correlation, reducing noise and empowering developers to fix riskiest threats first PLEASANTON, Calif. – June 14, 2021 – Accurics, the cloud cyber resilience specialist, today announced a technology partnership with GitLab, a single application for the DevOps lifecycle, as well as the general availability of its integration with GitLab's Static Application Security Testing (SAST) solution. Accurics leverages the integration with GitLab to provide DevSecOps teams with
Evolving Risks, Insecure Defaults, Watering Hole Threats: New Research from Accu …
Pleasanton, CA, February 22, 2021 – Accurics, the cloud cyber resilience specialist, today unveiled its latest research, “Accurics Cloud Cyber Resilience Report,” which highlights security risks identified in cloud native environments. The findings reveal an increased adoption of managed infrastructure services and the emergence of new cloud watering hole attacks. Of all violations identified, 23 percent correspond to poorly configured managed service offerings – largely the result of default security

More Releases for Terrascan

Accurics Redefines Secure GitOps with Argo Integration for Open Source Terrascan
From KubeCon + CloudNativeCon Europe Virtual – May 5, 2021 – Accurics, the cloud cyber resilience specialist, today announced that its open source project Terrascan, which enables teams to detect compliance and security violations across Infrastructure as Code (IaC), now integrates with the Argo Project. This integration, coupled with the new Terrascan admission controller feature to enforce CNCF’s Open Policy Agent policies across the software development lifecycle, significantly enhances cloud
Evolving Risks, Insecure Defaults, Watering Hole Threats: New Research from Accu …
Pleasanton, CA, February 22, 2021 – Accurics, the cloud cyber resilience specialist, today unveiled its latest research, “Accurics Cloud Cyber Resilience Report,” which highlights security risks identified in cloud native environments. The findings reveal an increased adoption of managed infrastructure services and the emergence of new cloud watering hole attacks. Of all violations identified, 23 percent correspond to poorly configured managed service offerings – largely the result of default security