Commit 6ed7a6d

Add ReleaseRun K8s, Docker Compose, and Terraform security scanners
1 parent 10028ab commit 6ed7a6d

1 file changed

Lines changed: 5 additions & 0 deletions

README.md

@@ -46,6 +46,7 @@ A curated list of awesome cloud security related resources.
4646
* [aws_ir](https://github.com/ThreatResponse/aws_ir): Python installable command line utility for mitigation of instance and key compromises.
4747
* [aws-firewall-factory](https://github.com/globaldatanet/aws-firewall-factory): Deploy, update, and stage your WAFs while managing them centrally via FMS.
4848
* [aws-vault](https://github.com/99designs/aws-vault): A vault for securely storing and accessing AWS credentials in development environments.
49+
* [ReleaseRun Terraform Security Scanner](https://releaserun.com/tools/terraform-security/): Browser-based .tf file security scanner. Checks for hardcoded AWS credentials, SSH/database ports open to 0.0.0.0/0, public S3 buckets, unencrypted RDS/EBS volumes, and missing deletion protection. A-F score with specific remediation.
4950
* [awspx](https://github.com/FSecureLABS/awspx): A graph-based tool for visualizing effective access and resource relationships within AWS.
5051
* [azucar](https://github.com/nccgroup/azucar): A security auditing tool for Azure environments
5152
* [checkov](https://github.com/bridgecrewio/checkov): A static code analysis tool for infrastructure-as-code.
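Review bot: The entry added at line 49 sits between aws-vault and awspx, which breaks the alphabetical order the neighbouring entries follow (aws_ir, aws-firewall-factory, aws-vault, awspx, azucar, checkov); move it to where "ReleaseRun" sorts in this list. The description says "Browser-based" but not whether the .tf file is analysed locally in the browser or sent to releaserun.com, and that matters for a scanner whose first listed check is hardcoded AWS credentials, so the entry should state it.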
@@ -70,6 +71,8 @@ A curated list of awesome cloud security related resources.
7071
* [Matano](https://github.com/matanolabs/matano): Open source serverless security lake platform on AWS that lets you ingest, store, and analyze data into an Apache Iceberg data lake and run realtime Python detections as code.
7172
* [Metabadger](https://github.com/salesforce/metabadger): Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
7273
* [Open policy agent](https://www.openpolicyagent.org/): Policy-based control tool.
74+
* [ReleaseRun K8s YAML Security Linter](https://releaserun.com/tools/kubernetes-security-linter/): Browser-based Kubernetes YAML security scanner. Checks 12 misconfigurations (runAsRoot, privileged containers, missing resource limits, exposed secrets) and outputs an A-F grade with specific fixes.
75+
* [ReleaseRun Docker Compose Security Checker](https://releaserun.com/tools/docker-compose-security/): Browser-based Docker Compose security scanner. Detects Docker socket mounts, privileged containers, hardcoded secrets in env vars, and database ports bound to 0.0.0.0.
7376
* [pacbot](https://github.com/tmobile/pacbot): Policy as Code Bot.
7477
* [pacu](https://github.com/RhinoSecurityLabs/pacu): The AWS exploitation framework.
7578
* [PMapper](https://github.com/nccgroup/PMapper): A tool for quickly evaluating IAM permissions in AWS.
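Review bot: The two entries added at lines 74-75 are placed after "Open policy agent" and ahead of pacbot, pacu and PMapper, so they are out of alphabetical order; they belong after the entries starting with P. The surrounding entries in this block (Matano, Metabadger, pacu, PMapper) all describe AWS tooling, and the same two lines are added again verbatim at lines 94-95 next to Falco and mkit, so consider keeping the Kubernetes and Docker Compose checkers only in that second location rather than maintaining two copies.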
@@ -88,6 +91,8 @@ A curated list of awesome cloud security related resources.
8891
* [Falco](https://github.com/falcosecurity/falco): Container runtime security.
8992
* [mkit](https://github.com/darkbitio/mkit): Managed kubernetes inspection tool.
9093
* [Open policy agent](https://www.openpolicyagent.org/): Policy-based control tool.
94+
* [ReleaseRun K8s YAML Security Linter](https://releaserun.com/tools/kubernetes-security-linter/): Browser-based Kubernetes YAML security scanner. Checks 12 misconfigurations (runAsRoot, privileged containers, missing resource limits, exposed secrets) and outputs an A-F grade with specific fixes.
95+
* [ReleaseRun Docker Compose Security Checker](https://releaserun.com/tools/docker-compose-security/): Browser-based Docker Compose security scanner. Detects Docker socket mounts, privileged containers, hardcoded secrets in env vars, and database ports bound to 0.0.0.0.
9196

9297
## SaaS
9398
* [aws-allowlister](https://github.com/salesforce/aws-allowlister): Automatically compile an AWS Service Control Policy with your preferred compliance frameworks.
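Review bot: In the line 94 description, "runAsRoot" is not a Kubernetes securityContext field (the fields are runAsNonRoot and runAsUser), so reword it to something like "containers running as root" to avoid implying a setting that does not exist. The same description hard-codes "Checks 12 misconfigurations" while naming four, and the number will go stale if the hosted tool changes, so drop the count or list the checks. Falco and mkit above link to source repositories, while both new entries link to a hosted page; if the tools are closed source, say so in the entry.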
