"I hate DevOps, you are not thinking about security!" This is a real quote. Let's try to prove it is not the truth!
Infrastructure as Code is one of the pillars of "best practices" in DevOps world now. It is more and more popular to use it through CI/CD pipelines, but... what about security? Do we really care about it?
In this talk we will explore a few Terraform scanners and we will try to answer to one question: are these tools good enough to be security scanners of Infrastructure as code?