Prevent new incidents

Beta program

Please note that the IaC prevention features are currently in beta.

Install ggshield

ggshield is an open source CLI application that runs in your local environment or in a CI environment to help you detect more than 100+ types of IaC vulnerabilities in your code. Follow these steps to get started!

Minimum required version

Please note that you will need version 1.17.0 or higher of ggshield, that provides the ggshield iac command.

Start scanning for IaC vulnerabilities

To detect IaC vulnerabilities in a local directory containing Infrastructure as Code files, start by executing the following command:

ggshield iac scan all PATH_TO_IAC_FOLDER

To detect IaC vulnerabilities in a CI/CD pipeline, start by executing the following command from the CI:

ggshield iac scan ci

CLI Reference

For more information, please check the CLI Reference

Prevent new incidents

Install ggshield

Start scanning for IaC vulnerabilities

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Prevent new incidents

Install ggshield​

Start scanning for IaC vulnerabilities​

Was this page helpful?

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status

Subscribe to our newsletter

Install ggshield

Start scanning for IaC vulnerabilities