TFGaurd

tfgaurd.com

Your trusted Terraform security scanner for zero-trust infrastructure.

Visit
TFGaurd screenshot
/ About /

TFGaurd is a static analysis CLI tool that scans Terraform (HCL) files for security misconfigurations and compliance violations across AWS, Azure, GCP, and Oracle Cloud. It runs entirely locally, meaning source code never leaves the user's machine, and ships with 1,200+ security rules available for free. An optional dashboard account enables scan history tracking, CI/CD token generation, and team workspaces.

/ How it works /

Users install a lightweight CLI via pip, run a single scan command locally against their Terraform files, and receive severity-ranked findings based on 1,200+ security rules without sending code to any external server.

/ Who it's for /

developers and DevOps engineers managing cloud infrastructure with Terraform

/ More info /

Background.

Status
launched
Business model
freemium
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Security

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.