- pRICING -

CoGuard, Static Analysis for Configuration Files

Community

2 users
Always
Free
Get Started

Team

up to 10 users
Starting at
$500/m
Contact us

Enterprise

unlimited users
Starting at
$1499/m
Contact us

Custom

unlimited users
Starting at
$2499/m
Contact us
Account Features
Community
Team
Enterprise
Custom
Auto Discovery of Configuration Files
Docker images
Custom Docker repository
Linux containers
Windows containers
Code Repository Location
Public
Private
On premise
Supported Tools
Jenkins
BitBucket Pipelines
GitHub Actions
GitLab
Azure DevOps
Circle CI
IaC Configurations & Tools
IaC single cloud environment
IaC multi cloud environments
Kubernetes
Audit Manifest
Custom Policies

GitHub
GitLab
TerraForm
Progress Chef
Puppet
Docker
CoGuard CLI
Azure Pipelines
GitHub Actions
Jenkins
Bitbucket Pipelines
GitHub
GitLab
TerraForm
Progress Chef
Puppet
Docker
CoGuard CLI
Azure Pipelines
GitHub Actions
Jenkins
Bitbucket Pipelines
TerraForm
Puppet
Progress Chef
Jenkins
GitLab
GitHub Actions
GitHub
Docker
CoGuard CLI
Bitbucket Pipelines
Azure Pipelines
TerraForm
Puppet
Progress Chef
Jenkins
GitLab
GitHub Actions
GitHub
Docker
CoGuard CLI
Bitbucket Pipelines
Azure Pipelines
FAQ

Frequently Asked Questions

We are here to help. You can email us additional questions at any time: info@coguard.io.

How is CoGuard different from other policy engines?

CoGuard scans more than individual configuration files.

We understand the connections between different software configurations and can ensure configurations and policies are evaluated within the context of deployment. We have a simple way of defining custom rules that allow clients the ability to extend and customize using a Python API. Integrations can be completed using existing DevOps tool stack.

Will CoGuard disrupt our workflow?

It's your workflow. It is entirely up to you. Your security policies can enforce a clean CoGuard report as a pre-requisite for a deployment or not.

Many clients choose to adjust the script in their CI/CD pipeline to have the most severe security vulnerabilities stop deployment (level 4 and 5) until fixed. Remediation steps are provided by CoGuard.

My infrastructure is pretty static, it doesn't change that often. I'm not at risk. Do I need to change my build process?

Best practices for configurations are dynamic and change over time as new security recommendations are added.

For example, Log4Shell as an example. CoGuard would have pointed you at the files on the respective hosts, on the cloud and on premise, enabling you to remediate this issue instantly, without having to manually search for the respective files.

Allowing you to disable the vulnerable configurations, eliminating the configuration settings causing the vulnerability, while the team waits for the update or patch.

I do not use Terraform or other IaC tools. Where does CoGuard fit?

While we consider IaC best practice for many reasons, CoGuard picks you up where you are at in your journey of better IT infrastructure, from simple individual configuration checks to more complicated cross-dependency policy enforcement.

Are you an agent-based solution or an API access based one?

Neither. While we have ways to detect configuration drift using agents or API access. Our primary mission is to change the way people secure and set up infrastructure.

Ideally, all scanning should be done in advance, using each and every configuration file (similar like static analysis for code).

Support

Have more questions for us? Ask us anything.

Our team of experts are on standby to answer any questions you may have.

Contact Us Today

Static analysis
for config files

Automated tools for discovering, scanning and securing the configuration files for IaC, containers, applications and their interdependencies.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.