As we all know by now, Infrastructure as Code (IaC) is creating an incredible opportunity for those who care about security: enforcing security and compliance… Read More

Leaving unused roles in your AWS environment can cause real trouble. Cloudrail can identify unused roles managed by your Terraform code and alert you within CI.

Leaving unused roles in your AWS environment can cause real trouble. Cloudrail can identify unused roles managed by your Terraform code and alert you within CI.

Learn how to use IaC security tools to build secure S3 buckets from the get-go, instead of fixing them after they’re in production.

Learn how to use IaC security tools to build secure S3 buckets from the get-go, instead of fixing them after they’re in production.

Cloudrail allows users of IaC to use AWS’s new policy validation capabilities within the CI/CD pipeline, without any additional work.

So, your team, or even possibly your entire organization, has decided to standardize on using infrastructure-as-code to define IAM entities within cloud environments. For example,… Read More

A lot has been written about the potential for privilege escalation in AWS, due to the use of permissive IAM permissions. These permissions, which may… Read More

In this blog post, we compare the results of Indeni Cloudrail with other leading IaC security tools, such as Checkov and tfsec, and show how Cloudrail reduces the noise by 3x.

Treating your cloud infrastructure as code (IaC) enables you to handle the growth in demand for your applications. Additionally, you are adopting IaC to scale… Read More