Hello everyone, I am searching for a self-hosted or open-source IaC/code scanning platform (not tools such as Checkov and Trivy but more like bridgecrew.io or aquasecurity). If you have any recommendations or are currently using one, please let me know.
a
Andre Marcelo-Tanner
03/24/2023, 5:35 PM
We use snyk
Sorry its not open
b
Bishwa
03/24/2023, 5:53 PM
Hey @Andre Marcelo-Tanner, thanks for helping out. Let me know if you remember sth that's open source or self hosted.
d
david
03/27/2023, 9:41 PM
Checkov is the OSS version from bridgecrew
s
Steve Soutar
04/05/2023, 2:51 PM
I have been informally trialling both checkov & tfsec - both are similar, and equally useful to me so far