Performs static analysis of Terraform code to detect security vulnerabilities and configuration drift. Now integrated into Trivy, it provides lightning-fast scanning without requiring external dependencies.
Tech Stack
GoDevOps & CI/CD
Why tfsec?
• Extremely fast execution
• No cloud credentials required
• Clear remediation advice
Limitations
• Limited to Terraform
• Fewer policies than Checkov
• Now merged into Trivy
3/5/2026
Last Update
554
Forks
14
Issues
MIT
License
Financial Leak Detected
Stop the "SaaS Tax"
Your team could be burning cash. Switching to tfsec instantly boosts your runway.
