Introduction

The Meterian ISAAC scanner is a scanner for cloud infrastructure code that detects security and compliance misconfiguration. It integrates with:

• two open source scanners

• a final validation stage on the cloud for added accuracy

ISAAC comes with a curated set of policies that cover not only security but also compliance and best practices. It also detects sensitive information that may be present in the code, such as credentials, authorisation tokens, and various forms of keys.

Supported tools and platforms:

• Terraform

• Cloudformation

• Kubernetes/Helm

• ARM templates / Bicep