Scan Your infrastructure-as-code (IaC) for Misconfigurations
Description
Cloud misconfigurations occur when resources have not been constructed properly, leaving your systems vulnerable to attack. Cloud environment misconfigurations can cause system outages, unwanted downtime, or security risks. Causes can include overly complex environments, insufficient security practice knowledge, and human error due to manual processes. Jit integrates SAST for IaC into CI/CD to automatically run a full scan of your repositories. Scans are also initiated for every subsequent pull request.
| Stack layer | Security domain | Security tool initiated by this item |
|---|---|---|
| Cloud Security | Infrastructure-as-code scanning | KICS for Terraform, Serverless Framework, Pulumi, CloudFormation, AWS CDK output |
Remediation
Jit provides code-level remediation for more than 200 IaC misconfigurations. You can view remediation suggestions either in the Actions page, or in the pull request comments.
For a description of how remediations are applied in the SCM, see Automated Remediation.
Updated 4 months ago