Content has been migrated to https://github.com/aquasecurity/defsec.
This repository is a collection of policies for detecting mis-configurations, specifically security issues, in configuration files and Infrastructure as Code definitions.
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change. Please make sure to update tests as appropriate.
While building this repository, we were inspired by the following projects and would like to acknowledge their contribution to this repository:
- https://github.com/hadolint/hadolint
- https://github.com/Checkmarx/kics
- https://github.com/controlplaneio/kubesec
- https://github.com/aquasecurity/tfsec
- https://kubernetes.io/docs/concepts/security/pod-security-standards/
- https://docs.docker.com/develop/develop-images/dockerfile_best-practices/