cis-benchmarks
Safeguard articles tagged "cis-benchmarks" — guides, analysis, and best practices for software supply chain and application security.
5 articles
Automating cloud compliance checks in Terraform and CloudFormation pipelines
Terrascan went fully archived in November 2025. Here's how to gate CIS and SOC 2 checks in Terraform/CloudFormation pipelines with tools still standing.
Cloud Security Standards & Frameworks (ISO/IEC, NIST, CIS)
ISO 27001:2022, NIST CSF 2.0, and CIS Benchmarks now expect software supply chain proof that cloud posture tools like Wiz can't provide alone. Here's what changed and why it matters.
What Is Security Hardening?
Security hardening reduces a system's attack surface by removing what it does not need and configuring the rest safely. Learn the principles, benchmarks, and how to apply it.
CIS Benchmarks
A precise definition of CIS Benchmarks, how they differ from CIS Controls, and what compliance scanning against them looks like in real environments.
How Snyk IaC's 400+ rule library maps to CIS benchmarks a...
How Snyk IaC's 400+ rules trace to numbered CIS AWS, Azure, GCP, and Kubernetes benchmark controls — and where benchmark-mapped scanning stops short.