Accurics Announces Argo Integration for Open Source Terrascan
May 06, 2021

Accurics announced that its open source project Terrascan, which enables teams to detect compliance and security violations across Infrastructure as Code (IaC), now integrates with the Argo Project.

This integration, coupled with the new Terrascan admission controller feature to enforce CNCF’s Open Policy Agent policies across the software development lifecycle, significantly enhances cloud security as developers adopt a GitOps approach.

Argo, an open source GitOps engine for Kubernetes, synchronizes Kubernetes clusters, making it easier to specify, schedule and coordinate the running of complex workflows and applications on Kubernetes. Terrascan can scan repositories for violations, and its integration with Argo brings these capabilities to the cluster through automated processes that extend from the source code to the controller. The automatic process ensures that the full pipeline, from development to end-user machine, is secure and fully aligned.

“Optimal security in cloud native infrastructure requires constant innovation at different levels of the architecture, with seamless integration, revitalized support, and ongoing deployments,” said Om Moolchandani, co-founder, CTO & CISO at Accurics. “As the Kubernetes ecosystem expands and developers adopt GitOps with Infrastructure as Code and Deployment as Code, they need security tools that fit into these automated, codified workflows where experts cannot review every finding. Kubernetes clusters need advances such as Terrascan, and Accurics is proud to be at the forefront of this vital movement with regular advances in security to harness the full potential of this technology and enable self-healing cloud-native infrastructure.”

This follows the release of Terrascan's admission controller, a new capability to apply Policy as Code (PaC) uniformly across the software development lifecycle. PaC has gained popularity for establishing guardrails in the development process, enabling the detection of misconfigurations in Kubernetes manifests ahead of production. It’s critical for these policies to also govern deployments in runtime, since the production environment can be modified directly through the CSP or Kubernetes controller. However, PaC tools used in pipelines and in production are typically quite distinct, with different implementations, policy libraries, and control/reporting architectures. Leveraging Terrascan as an IaC scanner alongside Terrascan’s admission controller, on the other hand, consistently enforces the same policies across build and deployment of the application.

Additionally, Accurics recently released Terrascan integration with Atlantis, a popular open source Terraform automation platform that leverages an organization’s code repository, such as Git, to streamline and automate Terraform workflows. With integration directly into Atlantis, Terrascan ensures that scan results are reported as part of the same pull request workflow, providing a welcome level of security for this powerful approach to managing complex cloud infrastructure across multiple teams. Building on advanced automation, Terrascan can also fail the automated build if a particularly severe vulnerability is identified.

Share this

Industry News

April 07, 2025

Appfire announced its launch of the Appfire Cloud Advantage Alliance.

April 07, 2025

Salt Security announced API integrations with the CrowdStrike Falcon® platform to enhance and accelerate API discovery, posture governance and threat protection.

April 07, 2025

Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.

April 03, 2025

StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.

April 03, 2025

Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.

April 03, 2025

Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.

April 03, 2025

AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.

April 02, 2025

Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.

April 02, 2025

Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.

April 02, 2025

Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.

April 02, 2025

Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)

April 02, 2025

Opsera raised $20M in Series B funding.

April 02, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.

April 01, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.

April 01, 2025

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.