Cloud misconfiguration detection- Runtime vs Static analysis

Planning, provisioning, and changing infrastructure are becoming vital to rapid cloud application development. Incorporating infrastructure-as-code into software development promotes transparency and immutability and helps prevent bad configurations upstream.In this session, we cover a simple method to write, test, and maintain infrastructure at scale using policy-as-code both in build and runtime. We will go over open source projects that analyze Terraform code and AWS accounts and compare the two approaches (detection vs static analysis) using the following projects:

https://github.com/toniblyx/prowler

https://github.com/bridgecrewio/checkov