Drift Detection and Remediation
Infrastructure drift occurs when actual cloud resources diverge from IaC definitions. Manual changes, cloud provider updates, or failed deployments can cause drift. Security-critical drift, like removed encryption or opened security groups, requires immediate detection and remediation.
Continuous drift detection compares actual infrastructure state with IaC templates. Tools like Terraform Cloud, AWS Config, and Azure Policy continuously monitor for drift. Integration with alerting systems ensures security teams know about critical drift immediately. Automated remediation can restore secure configurations for approved scenarios.
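The following is an added example, not code from the original page or from any of the tools named above. It triages the JSON form of a refresh-only Terraform plan (as printed by `terraform show -json`), where each `resource_drift` entry carries `change.before` and `change.after`, and flags only drift that disables encryption or opens ingress to any source. The sample plan, resource addresses, and the list of watched attributes are constructed assumptions.

```python
import json

# Constructed sample in the shape of a refresh-only plan's JSON output:
# "before" is the recorded state, "after" is what the provider now reports.
SAMPLE_PLAN = json.loads("""
{"resource_drift": [
  {"address": "aws_db_instance.orders", "type": "aws_db_instance", "change": {
     "actions": ["update"], "before": {"storage_encrypted": true},
     "after": {"storage_encrypted": false}}},
  {"address": "aws_security_group.web", "type": "aws_security_group",
   "change": {"actions": ["update"],
     "before": {"ingress": [
       {"from_port": 443, "to_port": 443, "cidr_blocks": ["0.0.0.0/0"]},
       {"from_port": 22, "to_port": 22, "cidr_blocks": ["10.0.0.0/8"]}]},
     "after": {"ingress": [
       {"from_port": 443, "to_port": 443, "cidr_blocks": ["0.0.0.0/0"]},
       {"from_port": 22, "to_port": 22, "cidr_blocks": ["0.0.0.0/0"]}]}}},
  {"address": "aws_s3_bucket.logs", "type": "aws_s3_bucket", "change": {
     "actions": ["update"], "before": {"tags": {"team": "ops"}},
     "after": {"tags": {"team": "platform"}}}}
]}
""")

ENCRYPTION_FLAGS = ("encrypted", "storage_encrypted")  # assumed watch list
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}

def open_ingress(state):
    """Port ranges that a security group state exposes to any source address."""
    ranges = set()
    for rule in (state or {}).get("ingress") or []:
        cidrs = set(rule.get("cidr_blocks") or []) | set(rule.get("ipv6_cidr_blocks") or [])
        if cidrs & OPEN_CIDRS:
            ranges.add((rule.get("from_port"), rule.get("to_port")))
    return ranges

def critical_drift(plan):
    """Return (address, reason) pairs for drift that weakens security."""
    findings = []
    for res in plan.get("resource_drift") or []:
        change = res.get("change") or {}
        before, after = change.get("before") or {}, change.get("after") or {}
        for flag in ENCRYPTION_FLAGS:
            # Only a true -> false flip counts; a deleted resource has no "after".
            if before.get(flag) is True and after.get(flag) is False:
                findings.append((res["address"], f"encryption disabled: {flag}"))
        # Rules that were already open in the recorded state are not new drift.
        for lo, hi in sorted(open_ingress(after) - open_ingress(before)):
            findings.append((res["address"], f"ingress opened to any source: ports {lo}-{hi}"))
    return findings
```

The tag-only change on the bucket and the pre-existing open port 443 produce no findings, so only the two security-relevant changes would reach an alerting channel.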