View Blog Post

Custom Rule Distribution Enhancements for cfn_nag

Introduction The cfn_nag tool is a static analysis tool for finding obvious security weaknesses in CloudFormation templates.   The core product includes rules that apply universally across environments and enterprises.  That said, the product supports the development of custom rules to allow enterprise-specific rules for compliance and security controls. For more information on developing custom rules Read more…

View Blog Post

Validating AWS CloudFormation templates with cfn_nag and mu

Stelligent cfn_nag is an open source command-line tool that performs static analysis of AWS CloudFormation templates. With cfn_nag you can check for: Static code analysis of AWS CloudFormation Block undesirable resource specifications Proactive preventative control – stop before creating resources Enforceable in a deployment pipeline Here are some examples of the types of checks cfn_nag Read more…