Terrascan Extends Support for Helm, Kustomize to Create Secure Infrastructure as Code
OPA-Based architecture eases risk management across multiple cloud-native technologies.
FREMONT, CA: Accurics, the cloud cyber resilience specialist, announces that Terrascan, the open-source static code analyzer that allows developers to build secure infrastructure as code (IaC), has been extended to assist Helm and Kustomize, both projects from the Cloud Native Computing Foundation (CNCF) that have got immense popularity. This allows organizations to ensure applications on Kubernetes clusters are secure and compliant before they are deployed.
Given the increasing scale and velocity of cloud breaches, organizations need policy guardrails to ensure that cloud-native infrastructure is securely defined and managed. Now, with the additional support for Helm and Kustomize, teams using Terrascan to programmatically create Policy as Code guardrails in their high-velocity, component-based Kubernetes projects have the means to reduce security risks without impeding development. This will drive innovation and broaden the adoption of Kubernetes.
Helm is a package manager that offers an easy way to find, share, and use software built for Kubernetes. It is currently used by a variety of organizations, including AT&T, Bitnami, CERN, Conde Nast, Microsoft, and VMWare. Since its establishment, there have been more than 13,000 contributions representing over 1,500 companies. Kustomize, meanwhile, is a standalone tool used to customize Kubernetes objects. The two projects are regularly downloaded millions of times a month.
The rapid adoption of IaC allows organizations to codify policy checks early in the development lifecycle with Policy as Code (PaC). Terrascan, which is maintained by Accurics, is used by thousands of developers to implement PaC using a library of 500+ out-of-the-box policies to scan IaC against common policy standards such as the CIS Benchmark and govern Terraform and Kubernetes during development, greatly enhancing their value. It aids in spot issues such as server-side encryption misconfigurations, security groups left open for public browsing, and access logs not allowed on resources that support them. Extending these benefits to the Helm and Kustomize user base greatly expands the universe of potential advantages.
Managing risk in the diverse cloud-native ecosystem has traditionally needed numerous tools and policy sets. With better support for the Kubernetes ecosystem and open architecture based on the Open Policy Agent (OPA), Terrascan allows enterprises to protect these technologies with a single tool and consistent policies.
By Leni Kaufman, VP & CIO, Newport News Shipbuilding
By George Evans, CIO, Singing River Health System
By John Kamin, EVP and CIO, Old National Bancorp
By Elliot Garbus, VP-IoT Solutions Group & GM-Automotive...
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Sam Lamonica, CIO & VP Information Systems, Rosendin...
By Sergey Cherkasov, CIO, PhosAgro
By Pascal Becotte, MD-Global Supply Chain Practice for the...
By Stephen Caulfield, Executive Director, Global Field...
By Shamim Mohammad, SVP & CIO, CarMax
By Ronald Seymore, Managing Director, Enterprise Performance...
By Brad Bodell, SVP and CIO, CNO Financial Group, Inc.
By Jim Whitehurst, CEO, Red Hat
By Clark Golestani, EVP and CIO, Merck
By Scott Craig, Vice President of Product Marketing, Lexmark...
By Dave Kipe, SVP, Global Operations, Scholastic Inc.
By Meerah Rajavel, CIO, Forcepoint
By Amit Bahree, Executive, Global Technology and Innovation,...
By Greg Tacchetti, CIO, State Auto Insurance