Decentralized IaC Security Scanner


My name is Colin and I am a Cloud Security Engineer. I have a background in security engineering and devsecops. In my current role, I focus on securing the public cloud (AWS, Azure, GCP) with a focus on infrastructure as code and a “shift left” mentality.

IaC makes provisioning infrastructure easier than ever, but it also makes introducing misconfigurations into production environments just as easy. Akash deployments are only as secure as the declarative statements in Stack Definition Language.

For this reason, I plan to develop a SDL scanning tool that is capable of detecting misconfigurations before Akash stacks are deployed. Developers can submit files to the web interface or run it as a CLI tool. Future versions would also include CI/CD integrations. The Web tool running on Akash and it will use FileBase for its storage.

I will keep this post updated with features. I’m excited about this project, and I would love to hear the community’s input!

Any funding for the application would be appreciated!
AKT address: akash1ulekf2sy5g6z86p7h0wntpsh8lfttkgcng9jwm


Great stuff Colin! Please let us know how to help you get started.