tfsec
« Back to VersTracker
Description:
Static analysis security scanner for your terraform code
Type: Formula  |  Tracked Since: Dec 28, 2025
Links: Homepage  |  @aquasecurity  |  formulae.brew.sh
Category: Security
Tags: security terraform devops static-analysis iac compliance
Install: brew install tfsec
About:
Tfsec is a static analysis tool that scans Terraform code to detect security misconfigurations and compliance issues before infrastructure is deployed. It uses a comprehensive library of rules to identify common vulnerabilities in cloud providers like AWS, Azure, and GCP. The tool integrates into CI/CD pipelines to enforce security best practices automatically.
Key Features:
  • Scans Terraform code for security misconfigurations
  • Supports AWS, Azure, GCP, and Kubernetes
  • Provides clear remediation guidance
  • CI/CD friendly with customizable rules
Use Cases:
  • Preventing cloud infrastructure security vulnerabilities
  • Enforcing security compliance in CI/CD pipelines
  • Auditing existing Terraform codebases
Alternatives:
  • Checkov – Similar static analysis tool with broader multi-language support
  • Terrascan – Alternative IaC scanner with policy-as-code approach
Version History
Detected Version Rev Change Commit
Jan 11, 2025 5:08am 0 VERSION_BUMP b4dd59d6
Jan 3, 2025 2:33am 0 VERSION_BUMP bb48acce
Nov 10, 2024 3:04pm 0 VERSION_BUMP 4fc59d92
Jul 3, 2024 12:58am 0 VERSION_BUMP bb2e2cdd
May 7, 2024 6:48am 0 VERSION_BUMP 4040b271
Sep 11, 2023 5:26am 0 VERSION_BUMP 141009d2
Sep 7, 2023 3:29pm 0 VERSION_BUMP 1798ceea
« Back to VersTracker  |  Browse Packages  |  About