TFGaurd
Your trusted Terraform security scanner for zero-trust infrastructure.

TFGaurd is a static analysis CLI tool that scans Terraform (HCL) files for security misconfigurations and compliance violations across AWS, Azure, GCP, and Oracle Cloud. It runs entirely locally, meaning source code never leaves the user's machine, and ships with 1,200+ security rules available for free. An optional dashboard account enables scan history tracking, CI/CD token generation, and team workspaces.
Users install a lightweight CLI via pip, run a single scan command locally against their Terraform files, and receive severity-ranked findings based on 1,200+ security rules without sending code to any external server.
developers and DevOps engineers managing cloud infrastructure with Terraform
Background.
- Status
- launched
- Business model
- freemium
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.