The CNP for DevOps app offers an Infrastructure-as-Code (IaC) scan functionality from Cloud Native Protector (CNP). CNP for DevOps identifies public cloud vulnerabilities such as public exposures, misconfigurations, and compliance breaches in HashiCorp Terraform templates prior to code deployment.

Features:

• Scan Terraform templates on GitHub PR events.
• Identify public exposures and misconfigurations.
• Display scan results after each scan.
• Create comments with detected issues by file name and code lines.

Prerequisites:
Authentication credentials from Cloud Native Protector Portal:
https://portal.cwp.radwarecloud.com/

Documentation:
CNP Administrator Guide (login required):
https://downloads.seculert.com/cwp/CwpUserGuide.pdf

For additional information, refer to our support: https://support.radware.com/.