Customer is a leading CASB solution provider
The client required an AWS DevOps plugin that would scan IaC (Infrastructure as Code) templates and container images during AWS DevOps pipelines.
Sacumen developed the AWS DevOps plugin that scans the IaC templates and container images. Its purpose is to identify insecure configurations in common Infrastructure-as-Code (IaC) templates (for example, AWS CloudFormation templates, Terraform templates, and Kubernetes app deployment YAML files) and to identify vulnerabilities in container images.
Sacumen developed the AWS Lambda function for the IaC scan, which can be downloaded from our DevOps web console.
Scan API details, such as the API URL and API key, are added as environment variables when the Lambda function is installed.
The installed Lambda function is added as a stage in CodePipeline; that stage makes the REST API call to the platform to perform the scan.
Failure criteria are added as configuration for the stage. If the failure conditions are met, the build fails.
Once you've executed your pipeline, you can view the execution results. Select Details to see the latest logs and view any security violations that were identified.
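The stage behaviour described above (scan call, failure criteria, pass or fail) can be sketched as a CodePipeline Lambda handler. This is an added example, not Sacumen's or the customer's code. The environment variable names, the `x-api-key` header, the `findings` response field, the severity scale, and passing the template text inline in `UserParameters` are all assumptions made for illustration.

```python
import json
import os
import urllib.request

# Assumed severity ordering and response shape; the page does not document the scan API.
SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


def violations_over_threshold(findings, fail_on):
    """Return findings whose severity is at or above the configured failure level."""
    floor = SEVERITY_RANK[fail_on.lower()]
    # Unknown severities are ranked as critical so a malformed result fails closed.
    return [f for f in findings
            if SEVERITY_RANK.get(str(f.get("severity", "")).lower(), 4) >= floor]


def call_scan_api(template_body):
    """POST the template to the scan endpoint configured at install time."""
    req = urllib.request.Request(
        os.environ["SCAN_API_URL"],                        # hypothetical variable name
        data=template_body.encode(),
        headers={"x-api-key": os.environ["SCAN_API_KEY"],  # hypothetical header and name
                 "Content-Type": "text/plain"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)["findings"]                 # assumed response field


def handler(event, context, scan=call_scan_api, pipeline=None):
    """CodePipeline invoke-action entry point: scan, apply failure criteria, report."""
    job = event["CodePipeline.job"]
    if pipeline is None:
        import boto3                                       # present in the Lambda runtime
        pipeline = boto3.client("codepipeline")
    config = job["data"]["actionConfiguration"]["configuration"]
    params = json.loads(config["UserParameters"])
    try:
        bad = violations_over_threshold(scan(params["template"]), params["fail_on"])
    except Exception as exc:  # a scan or config error fails the stage instead of passing it
        bad = [{"id": "scan-error", "severity": "critical", "detail": type(exc).__name__}]
    if bad:
        ids = ", ".join(str(f.get("id")) for f in bad[:5])
        pipeline.put_job_failure_result(
            jobId=job["id"],
            failureDetails={"type": "JobFailed",
                            "message": f"{len(bad)} violation(s): {ids}"})
    else:
        pipeline.put_job_success_result(jobId=job["id"])
    return bad
```

The `scan` and `pipeline` parameters exist so the handler can be exercised offline with stand-ins; Lambda itself calls `handler(event, context)` and gets the defaults.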