Accurics Announces Argo Integration for Open Source Terrascan
May 06, 2021

Accurics announced that its open source project Terrascan, which enables teams to detect compliance and security violations across Infrastructure as Code (IaC), now integrates with the Argo Project.

This integration, coupled with the new Terrascan admission controller feature to enforce CNCF’s Open Policy Agent policies across the software development lifecycle, significantly enhances cloud security as developers adopt a GitOps approach.

Argo, an open source GitOps engine for Kubernetes, synchronizes Kubernetes clusters, making it easier to specify, schedule and coordinate the running of complex workflows and applications on Kubernetes. Terrascan can scan repositories for violations, and its integration with Argo brings these capabilities to the cluster through automated processes that extend from the source code to the controller. The automatic process ensures that the full pipeline, from development to end-user machine, is secure and fully aligned.

“Optimal security in cloud native infrastructure requires constant innovation at different levels of the architecture, with seamless integration, revitalized support, and ongoing deployments,” said Om Moolchandani, co-founder, CTO & CISO at Accurics. “As the Kubernetes ecosystem expands and developers adopt GitOps with Infrastructure as Code and Deployment as Code, they need security tools that fit into these automated, codified workflows where experts cannot review every finding. Kubernetes clusters need advances such as Terrascan, and Accurics is proud to be at the forefront of this vital movement with regular advances in security to harness the full potential of this technology and enable self-healing cloud-native infrastructure.”

This follows the release of Terrascan's admission controller, a new capability to apply Policy as Code (PaC) uniformly across the software development lifecycle. PaC has gained popularity for establishing guardrails in the development process, enabling the detection of misconfigurations in Kubernetes manifests ahead of production. It’s critical for these policies to also govern deployments in runtime, since the production environment can be modified directly through the CSP or Kubernetes controller. However, PaC tools used in pipelines and in production are typically quite distinct, with different implementations, policy libraries, and control/reporting architectures. Leveraging Terrascan as an IaC scanner alongside Terrascan’s admission controller, on the other hand, consistently enforces the same policies across build and deployment of the application.

Additionally, Accurics recently released Terrascan integration with Atlantis, a popular open source Terraform automation platform that leverages an organization’s code repository, such as Git, to streamline and automate Terraform workflows. With integration directly into Atlantis, Terrascan ensures that scan results are reported as part of the same pull request workflow, providing a welcome level of security for this powerful approach to managing complex cloud infrastructure across multiple teams. Building on advanced automation, Terrascan can also fail the automated build if a particularly severe vulnerability is identified.

Share this

Industry News

April 02, 2025

Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.

April 02, 2025

Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.

April 02, 2025

Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.

April 02, 2025

Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)

April 02, 2025

Opsera raised $20M in Series B funding.

April 02, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.

April 01, 2025

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.

April 01, 2025

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.

April 01, 2025

Platform9 announced that Private Cloud Director Community Edition is generally available.

March 31, 2025

Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.

March 31, 2025

CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.

March 31, 2025

Mirantis announced the k0rdent Application Catalog – with 19 validated infrastructure and software integrations that empower platform engineers to accelerate the delivery of cloud-native and AI workloads wherever the\y need to be deployed.

March 31, 2025

Traefik Labs announced its Kubernetes-native API Management product suite is now available on the Oracle Cloud Marketplace.

March 27, 2025

webAI and MacStadium(link is external) announced a strategic partnership that will revolutionize the deployment of large-scale artificial intelligence models using Apple's cutting-edge silicon technology.

March 27, 2025

Development work on the Linux kernel — the core software that underpins the open source Linux operating system — has a new infrastructure partner in Akamai. The company's cloud computing service and content delivery network (CDN) will support kernel.org, the main distribution system for Linux kernel source code and the primary coordination vehicle for its global developer network.