Skip to content
>_
SecOps
Log
_
Home
Courses
Learning path
Resources
Topics
Blog
All courses
Checkov & IaC scanning
Intermediate
3 sections · 12 lessons · ~5h total · 12-question self-test
Start course
01
Beginner
4 lessons
Test yourself
01
What IaC scanning finds
Misconfigurations, before deploy.
12 min
02
Install & first scan
checkov -d and reading results.
10 min
03
Reading & triaging findings
Checks, severity, guides.
12 min
04
Frameworks: Terraform, k8s, more
One tool, many IaC types.
10 min
02
Intermediate
4 lessons
Test yourself
01
Suppressions done right
Skip with a reason, not blindly.
14 min
02
Custom policies
YAML and Python checks.
14 min
03
Scanning plan vs code
Catch what only appears at plan.
12 min
04
Baselines & incremental adoption
Onboard a legacy repo sanely.
12 min
03
Advanced
4 lessons
Test yourself
01
The scanner landscape
tfsec/Trivy, Terrascan, KICS, Snyk.
14 min
02
Secrets, SBOM & image overlap
Where scanners meet.
12 min
03
Enforcing in CI/CD
Gate without alert fatigue.
14 min
04
Running it as a program
Policy, exceptions, metrics.
12 min
Final exam
Test yourself on everything
12 questions drawn from all 3 sections — every answer explained as you pick.
Start final exam