The security scans are conducted on cloud resources after deployment in the current continuous integration and continuous deployment (CICD) environment. As a result, you secure your cloud resources post-deployment to respective Cloud accounts.
With an introduction of the Infrastructure as Code (IaC) security feature as a VSCode extension by Qualys TotalCloud, you can now secure your IaC templates before the cloud resources are deployed in your cloud environments. The IaC Security feature helps you shift cloud security and compliance posture to the left, allowing evaluation of cloud resources for misconfigurations much earlier during the development phase.
The Qualys IaC Security VSCode extension empowers DevOps teams to build Infrastructure as Code (IaC) scans into their existing CI/CD processes. By integrating scans this way, cloud misconfigurations are detected and remediated earlier in the SDLC to catch and eliminate security flaws.
For supported templates, other integrations, and features of Cloud IaC Security, refer to TotalCoud Online Help and TotalCloud API User Guide.
Ensure that you have the required subscription and permissions as stated below. ·
Next step: