defsec

DefSec is a collection of Infrastructure-as-Code rules.

These rules as defined in Go (and potentially rego etc. in future too.)

Defining DefSec rules in this central repository means they can be used from various projects, regardless of the IaC implementation. For example, DefSec is currently used by both tfsec (for Terraform) and cfsec (CloudFormation). The same logic is applied to cloud resources defined in both source formats, but it is the job of the individual tool to translate the resource definitions for it's respective language to the shared DefSec format.

There's a detailed walkthrough for creating a new check in the tfsec contributing guide.

Please feel free to raise issues/discussions for anything else, or join us on Slack!.

Name		Name	Last commit message	Last commit date
Latest commit History 628 Commits
.github		.github
adapters		adapters
avd_docs		avd_docs
cidr		cidr
cmd		cmd
formatters		formatters
integration		integration
loader		loader
parsers		parsers
providers		providers
rego		rego
rules		rules
scanners		scanners
scripts		scripts
security		security
severity		severity
state		state
test		test
.codespellignore		.codespellignore
.gitignore		.gitignore
.golangci.yml		.golangci.yml
.vimspector.json		.vimspector.json
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
go.mod		go.mod
go.sum		go.sum
golangci-lint.yml		golangci-lint.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

defsec

About

Releases

Packages

Languages

License

daveyshmave/defsec

Folders and files

Latest commit

History

Repository files navigation

defsec

About

Resources

License

Code of conduct

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages