infrastructure-as-code
Safeguard articles tagged "infrastructure-as-code" — guides, analysis, and best practices for software supply chain and application security.
28 articles
How Snyk IaC identifies unencrypted storage resources acr...
Snyk IaC flags unencrypted S3 buckets, Azure Storage, and GCP disks by parsing Terraform and CloudFormation for missing encryption attributes before deployment.
IaC Drift: The Gap Between Declared and Actual Cloud Conf...
IaC drift lets your cloud diverge silently from Terraform state, breaking the compliance guarantees teams assume are still true. Here's how it happens and how to catch it.
Ansible Galaxy Security Risks: The Infrastructure Supply Chain You Forgot About
Ansible Galaxy roles and collections execute with root privileges on your infrastructure. Most teams apply zero security scrutiny to them.
Terraform Provider Verification: Securing Your Infrastructure as Code Supply Chain
Terraform providers are plugins that execute with full access to your infrastructure credentials. Verifying their integrity is not optional.