Terrascan is a static code analyzer for Infrastructure as Code.
Terrascan allows you to:

 - Seamlessly scan infrastructure as code for misconfigurations.
 - Monitor provisioned cloud infrastructure for configuration changes
   that introduce posture drift, and enables reverting to a secure
   posture.
 - Detect security vulnerabilities and compliance violations.
 - Mitigate risks before provisioning cloud native infrastructure.
 - Offers flexibility to run locally or integrate with your CI/CD.
