Feature/lab6 #559

Open
ostxxp wants to merge 10 commits into inno-devops-labs:main from ostxxp:feature/lab6
Conversation

ostxxp commented Mar 15, 2026

Goal

Briefly describe the purpose of this PR.

The purpose of this PR is to complete Lab 6: Infrastructure-as-Code Security Scanning and Comparative Analysis.
The lab evaluates multiple IaC security scanning tools across Terraform, Pulumi, and Ansible configurations and compares their findings.

Changes

  • Ran tfsec, Checkov, and Terrascan on the vulnerable Terraform infrastructure.
  • Generated Terraform security reports and summary comparison.
  • Scanned Pulumi infrastructure with KICS and produced JSON/HTML/TXT reports.
  • Scanned Ansible playbooks with KICS and produced analysis results.
  • Created summary analysis files:
    • terraform-comparison.txt
    • pulumi-analysis.txt
    • ansible-analysis.txt
    • tool-comparison.txt
  • Added final lab report submission6.md including:
    • Tool Comparison Matrix
    • Category Analysis
    • Top 5 Critical Findings
    • Tool Selection Guide
    • Lessons Learned
    • CI/CD Integration Strategy

Testing

  • Terraform code was scanned using three tools:
    • tfsec
    • Checkov
    • Terrascan
  • Pulumi and Ansible code were scanned using KICS.
  • Generated reports were verified and summarized in the analysis files.
  • Security reports confirmed that vulnerable configurations were correctly detected by the scanning tools.

Artifacts & Screenshots

Security scan outputs and reports are included in:

labs/lab6/analysis/

Artifacts include:

  • Terraform scan reports (tfsec, Checkov, Terrascan)
  • Pulumi KICS reports
  • Ansible KICS reports
  • Aggregated comparison summaries

Checklist

  • Clear and descriptive title
  • Documentation updated if needed
  • No secrets or temporary files included
