Gomboc AI - Cloud Security for IaC
Shift security left and eliminate cloud misconfigurations directly in your VSCode IDE. Build secure infrastructure with real-time fixes, compliance automation, and contextual guidance. Start your free trial with Gomboc AI today!
Overview
The Gomboc.ai VSCode Plugin transforms how developers handle cloud security in Infrastructure as Code (IaC). By integrating directly into your IDE, it eliminates security bottlenecks, automates compliance, and provides actionable fixes in real time—so you can deploy faster and safer.
Key Features
- Real-Time Security Guardrail
Catch misconfigurations and vulnerabilities as you code. Get instant feedback and one-click fixes for AWS, Azure, and GCP IaC templates.
- Automated Compliance
Enforce security best practices and regulatory standards (CIS, NIST CSF, etc.) without manual reviews. Gomboc auto-remediates issues to keep deployments compliant.
- Accelerate CI/CD Pipelines
Reduce security delays in code reviews. Ship features faster by resolving issues before they reach production.
- GitOps Integration
Embed security into pull requests and Git workflows. Aligns with DevOps practices to ensure "secure-by-default" infrastructure.
- Contextual Guidance
Understand why a security control matters and how to implement it—eliminates hours of research.
Getting Started
To begin using the Gomboc VSCode plugin, you will need to acquire an API key. You can follow the directions for API key creation if you have a Gomboc subscription or you can get started with a free trial.
Once you have the API key go to Settings > Extensions > Gomboc and drop it in the Api Key field.
That's all you need!
Commands
Test Api Key - Test your api key connection and make sure that it can hit our serverShow organization frameworks - Display the security policy that your organization has enabledScan current file or scenario - Perform a scan
Why Gomboc AI?
"Security shouldn’t derail development. Our plugin gives engineers real-time fixes that meet security requirements, right in their workflow — no more chasing tickets or delayed releases."
– Matt Sweeney, CPO & Co-Founder, Gomboc.ai
Resources
