In a DevSecOps pipeline, a security engineer wants to automatically scan Infrastructure as Code (IaC) templates for security misconfigurations before deployment. Which tool is commonly used for static analysis of Terraform templates?
Checkov scans IaC templates for security issues.
Why this answer
Checkov is a static analysis tool specifically designed for scanning IaC files like Terraform to find security misconfigurations.