Accurics seamlessly integrates into your DevOps lifecycle and scans infrastructure as code such as Terraform, Kubernetes YAML at pre-commit or post-commit level.
There are various stages where Accurics integrates into your devOps lifecycle to provide end to end cloud security, these stages are: –
- Pre-Commit Stage – at this stage, Accurics download the CLI from your Accurics tenant that can scan your Terraform code at the developer machine even before the code is checked in to a source code management system (Github, Bitbucket, Gitlab).
- Post-Commit Stage – Similar to the pre-commit stage, Accurics can directly integrate into your respective SCM tools CM such as Github/Bitbucket or Gitlab and can scan your infrastructure as code (IAC).
- Build Stage / CI/CD – Accurics provides guardrails against any unresolved misconfigurations or vulnerabilities that are to be pushed into your runtime environment. Accurics integrates with CI/CD tools such as Jenkins/CircleCI pipelines to monitor the builds and prevent misconfigurations going into runtime by stopping the build.
- Run-time/Cloud Service Provider – Accurics scans your cloud for security risks and compliance violations without installing any agents into your runtime infrastructure. It also monitors the infrastructure that is deployed across AWS, Azure, and GCP to alert any changes in production that can introduce cloud posture drift.