IntroducingBrainIAC
BrainIAC uses static code analysis to analyze IAC code to detect security issues before deployment. This tool can scan for issues like security policy misconfigurations, insecure cloud-based services, and compliance issues.
An Open Source tool for Infrastructure as Code
BrainIAC performs a comprehensive code scan and generates reports containing detailed insights into the identified issues.
Scans IAC files for misconfiguration.
Converts between formats such as JSON and Table brainIAC own format.
Has hundreds of pre-defined rules.
Scans a target directory to fill in multiple results.
Provides a comprehensive index of Kubernetes policies
Prevent specific workloads from deploying in the cluster.
• Finds vulnerabilities with static code analysis
• Scans for misconfiguration and compliance issues
• Generates detailed reports
• Scans for misconfiguration and compliance issues
• Generates detailed reports
Offers an extensive directory of Terraform AWS, ARM and OCI policies index.
Provisioning and managing infrastructure resources.
• Seamless resource creation
• Naming convention for resources
• Ensure access controls
• Naming convention for resources
• Ensure access controls
Coming soon in different platforms
BrainIAC will be on more platforms in the future.
Terraform
• Azure Resource Manager
• Google Cloud Platform
• Alibaba Cloud
• Kubernetes
• DigitalOcean
• Yandex Cloud
• Palo Alto Networks
• Azure Resource Manager
• Google Cloud Platform
• Alibaba Cloud
• Kubernetes
• DigitalOcean
• Yandex Cloud
• Palo Alto Networks
Others
• Docker
• CloudFormation
• Serverles Framework
• AWS SAM
• ARM Template Files
• Docker
• CloudFormation
• Serverles Framework
• AWS SAM
• ARM Template Files
Supported Installation OS
BrainIAC currently supports the following operating systems:
WINDOWS INSTALLATION
BrainIAC is compatible with Windows OS and is optimized for amd64 architecture. It can be run on Windows machines to protect your IaC files from a variety of potential threats.
MAC INSTALLATION
With support for both arm64 and amd64 architectures, BrainIAC effectively scans and analyzes your IaC files on Mac.
LINUX INSTALLATION
BrainIAC provides comprehensive IaC analysis and supports amd64, arm64, ppc64le, and s390x on Linux.
Installation Guide
Supercharge the security of your IaC files and elevate your defenses. Install BrainIAC, the latest open-source security scanning and analysis tool in the market!
Recommended
curl -sSfL https://raw.githubusercontent.com/carbonetes/brainiac/main/install.sh | sh -s -- -d /usr/local/bin
You can specify a release version and destination directory for the installation:
curl -sSfL https://raw.githubusercontent.com/carbonetes/brainiac/main/install.sh | sh -s -- -d -v
Getting Started
You can specify a release version and destination directory for the installation:
brainiac -f
Scan multiple file in a directory
brainiac -d .
Using Docker
docker pull carbonetes/brainiac
Scan a directory
docker run -t -v {path_to_host_folder}:/tmpPath carbonetes/brainiac:latest -d /tmpPath Scan a single file
docker run -t -v {path_to_host_folder}:/tmpPath carbonetes/brainiac:latest -f /path/{filename}.{extension} Available Commands and their flags with description:
Brainiac [flag]
| Root Flags | Description |
| -f --file | File to scan |
| -d -dir | Read directly from a path on disk (any directory) (e.g. 'brainiac -d path/to/dir)' (can not be used together with --file). |
| -o --output | Format to display results (table, json) (default "table") |
| -v --version | Print BrainIAC version |
Output Formats
The output format for BrainIAC is configurable as well using the -o (or --output ) option:
The available formats are:
- table : A Tabular summary (default).
- json : Use this to get as much information out of BrainIAC.
Get started With BrainIAC
GitHub