Meterian ISAAC (Infrastructure As Code Scanning) is a security scanning tool designed to identify vulnerabilities, misconfigurations, and policy violations within Infrastructure as Code (IaC) templates. The scanner supports a range of IaC languages and formats including ARM templates, CloudFormation, Kubernetes/Helm, Terraform, and Serverless, with planned support for Chef, Puppet, Ansible, and Docker. Key capabilities include: - Detection of security issues, compliance gaps, and best practice deviations across IaC configurations - Identification of sensitive information embedded in code, such as credentials and authorization tokens - A curated policy library of over 1,000 policies used to evaluate IaC templates - High-precision scanning with a focus on minimizing false positives ISAAC integrates with CI/CD pipelines to automate security checks as part of the deployment process, enabling security validation on every infrastructure change without requiring manual audits. Scan results are surfaced through the Meterian dashboard and exported in multiple report formats, providing actionable insights to help teams address policy violations and maintain compliance. The tool is positioned for use early in the software development lifecycle, allowing teams to catch and remediate infrastructure security issues before deployment rather than after.