IaC
Infrastructure as Code
Infrastructure as code manages and provisions cloud resources through machine-readable definition files rather than manual configuration. In cybersecurity, IaC security scans Terraform, CloudFormation, and other templates for misconfigurations before deployment.
Cómo se usa en ciberseguridad
Security engineers integrate IaC scanning into CI/CD pipelines to catch insecure configurations early. Tools like Checkov and tfsec flag open security groups, unencrypted storage, and missing logging before resources are created. Architects define security baselines as code to ensure every deployment meets organizational standards.
Término relacionado en el glosario: infrastructure as code security
Las definiciones son explicaciones originales escritas con fines de desarrollo profesional. Para definiciones técnicas autorizadas, consulta NIST, ISO o el organismo de normalización correspondiente.