Terrascan

[jakub-i]

Hi I have been testing MSDO with Azure DevOps and looking specifically into terrascan, which I like a lot. I have noticed that terrascan is lacking in basic functionality and there seem not to be that great throughput in the project at the moment.

According to the version change log here https://runterrascan.io/docs/reference/ there has not been any new releases of terrascan for over a year.

My question is, will MSDO rely on terrascan as it continues or do you consider other options (like checkov or a like).

As an example, you can take a look at this issue: https://github.com/tenable/terrascan/issues/1453 that I have worked on lately.

The reason I ask is that it seems to be hard to get in touch with the maintainers of the terrascan project as well.

Kind Regards Jakub

[SteveBurkettNZ]

Looks like there were 10 releases of Terrascan in 2022? Last one in November.

But yeah, Checkov is a good option, they're releasing new releases often (4-5 releases a week), and when I've posed queries/questions via the Github Issues, a dev has been quick to address it.