ZEST Expands its IaC Tool Support to include CloudFormation, Terraform, Pulumi and ARM

The rapid adoption of DevOps tools has transformed how organizations deploy and manage cloud infrastructure, enabling developers to spin up cloud resources faster than ever. However, with speed comes risks (e.g. misconfigurations and vulnerabilities introduced at the code stage). Remediating these risks requires close collaboration between security and DevOps teams, but the shared responsibility creates bottlenecks, resulting in significant delays.

While DevOps has vast knowledge of cloud infrastructure and system engineering, they are not security experts, and we can’t expect them to be. Conversely, security teams often lack the technical fluency to provide precise guidance on what exactly to fix and where.

To bridge this gap, security teams require remediation solutions that seamlessly integrate into the tools and workflows developers already use. This is where the concept of Security as Code (SaC) comes in — leveraging the same Infrastructure as Code (IaC) tools that introduced the problem to efficiently remediate it.

Today, we’re excited to announce expanded support for Infrastructure as Code (IaC) tools, now including CloudFormation, Terraform, Pulumi and ARM. This enhancement enables security and DevOps teams to collaborate more efficiently, drastically increasing the speed at which vulnerabilities and other cloud risks are remediated.

The Benefits

Seamless integration into DevOps workflows
DevOps teams use a variety of IaC tools to manage cloud infrastructure. By expanding our IaC support to include the most popular platforms, security teams can seamlessly integrate with DevOps workflows to gain visibility into what DevOps actually manages, where and how, streamlining the remediation process.

Greater context & fix precision
With expanded IaC support, security teams can more accurately pinpoint the root causes of issues down to the exact lines of code, regardless of which tool was used. This provides security and DevOps teams with clear remediation guidance on where exactly the problem needs to be fixed.

Accelerated remediation
The ZEST platform doesn’t stop at identifying problematic code. By leveraging Generative AI, the platform automatically generates replacement code, empowering security and DevOps teams with ready-to-implement fixes, drastically reducing manual effort and time to remediation.

Security as Code (SaC) Explained

Fixing an issue requires understanding how it was introduced—identifying the problematic code and the platform that was used. However, this can be extremely time consuming, and as a result, remediation efforts often involve making quick fixes directly in production, with developers making changes in the cloud console. While this approach may be fast, it increases the risk of human error, unintended overrides, and recurring vulnerabilities.

Security as Code (SaC) takes a different approach, enabling security teams to take advantage of the power and speed of DevOps systems to remediate issues at scale within secure deployment workflows. By integrating security directly into the development process, SaC ensures more precise and efficient remediation, minimizing risks and reducing the potential for future issues.

How it Works

  • Automatically pinpoint root cause: Identify the origin of the issue down to the exact lines of code that introduced the problem.
  • Generate replacement code: Leverage Generative AI to produce ready-to-implement fixes directly within the same IaC tool that introduced the risk.
  • Empower DevOps: Deliver clear, actionable guidance with the necessary context so that DevOps can implement fixes quickly.

The Bigger Picture

Implementing Security as Code (SaC) enables organizations to:

Reduce MTTR: Reduce the gap between risk identification and resolution, enabling security teams to address vulnerabilities way before they are exploited by attackers.

Maximize DevOps efficiency: Faster remediation means DevOps teams can spend more time on strategic initiatives that drive business growth, rather than being bogged down by security tickets.

Minimize operational costs: Eliminate manual remediation efforts and empower security teams to fix open security issues fast, reducing the costs associated with remediation.

Ready to see more?

Looking for a more efficient way to remediate cloud vulnerabilities and other risks? Contact our team to learn how our expanded IaC tool support is helping security and DevOps teams fix issues with greater speed and precision.

Share the Post:

Related Resources

A Conversation with Vladi Sandler: A World Beyond CNAPP

ZEST Expands its IaC Tool Support to include CloudFormation, Terraform, Pulumi and ARM

The rapid adoption of DevOps tools has transformed how organizations…

Top 6 Cloud-Native Security Controls You Must Know About

Attackers are moving faster than ever, becoming increasingly good at…

ZEST Now Supports AWS, Azure and GCP, Delivering Risk Resolution for Single and Multi-Cloud Environments

As of today, the ZEST platform now supports all three…

From Weeks to Hours: How Zest Security is Redefining Cloud Security

Security Controls for Mitigating CUPS Vulnerabilities within the Cloud

A recent vulnerability in the Common Unix Printing System (CUPS)…

5 Key Takeaways: A Conversation with Matthew Hurewitz

We recently had a conversation with Matthew Hurewitz, Director of…

A Conversation with Matthew Hurewitz: The Cost of Remediation

The Top 21 Most Promising Israeli Start Ups 2024

Essential tools with critical security challenges

Why Resolution Paths Should Replace Risk Remediation

Every holiday and during occasional long summer weekends, my teams…

The hidden risks of Terraform providers

Terraform by HashiCorp is a leading tool for DevOps engineers…

Risk Mitigation Beyond Remediation

Cloud security remains a paramount concern for enterprises. Traditional security…

ZEST Security Aims to Resolve Cloud Risks

Cybersecurity startup ZEST Security emerged from stealth with an AI-powered…

ZEST Security Exits Stealth to Resolve, not Just Flag, Enterprise Cloud Risks Using GenAI

ZEST Security exited stealth today with its AI-powered cloud risk…

ZEST Security raises $5 million Seed round for cloud risk resolution platform

The Israeli startup’s platform provides paths that offer both mitigation…

This startup doesn’t just find your weaknesses, it also fixes them

ZEST Security saw mountains of weaknesses found by other products,…

AI-powered cloud risk resolution startup ZEST Security launches with $5M in funding

Artificial intelligence-powered cloud risk resolution platform startup ZEST Security Inc….

ZEST Security, Interview With CEO Snir Ben Shimol

ZEST Security a NYC-based provider of an AI-powered cloud risk…

ZEST Security Aims to Resolve, Not Just Mitigate Cloud Risks

ZEST Security emerged from stealth with $5 million funding and…

ZEST Security Exits Stealth to Resolve, not Just Flag, Enterprise Cloud Risks Using GenAI

Raises $5M from Hanaco and Silvertech Ventures to tackle the…

Meet ZEST: AI-Powered Cloud Risk Resolution

Today is a big day for me as a founder,…

Resolving your cloud risks with ZEST!