Search Results for "thc-scan"

...As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. Terracan provides 500+ out-of-the-box policies so that you can scan IaC against common policy standards such as the CIS Benchmark. It leverages the Open Policy Agent (OPA) engine so that you can easily create custom policies using the Rego query language. Monitor provisioned cloud infrastructure for configuration changes that introduce posture drift, and enables reverting to a secure posture. Detect security vulnerabilities and compliance violations.

Scan cloud resources in build-time for misconfigured attributes with a simple Python policy-as-code framework. Analyze relationships between cloud resources using Checkov’s graph-based YAML policies. Execute, test, and modify runner parameters in the context of a subject repository CI/CD and version control integrations.

StreamAlert is a serverless, real-time data analysis framework that empowers you to ingest, analyze, and alert on data from any environment, using data sources and alerting logic you define. Computer security teams use StreamAlert to scan terabytes of log data every day for incident detection and response. Incoming log data will be classified and processed by the rules engine. Alerts are then sent to one or more outputs. Rules are written in Python; they can utilize any Python libraries or functions. Merge similar alerts and automatically promote new rules if they are not too noisy. ...

...Security Monkey can be extended with custom account types, custom watchers, custom auditors, and custom alerters. It works on CPython 2.7. It is known to work on Ubuntu Linux and OS X. Security Monkey accesses accounts to scan via credentials it is provided.