Avoid leaking secrets and credentials by running Gitleaks.
Run cfn_nag on CloudFormation templates to look for indications of insecure infrastructure. Run cfn-lint (if your IDE doensn't already do it) to check your templates against the AWS CloudFormation Specification
Use Bandit to find common security issues in Python code.
Lint your Dockerfiles with hadolint
Run shellcheck to perform static analysis on Bash/Sh family shell scripts.
Use ansible-lint to check playbooks for practices and behavior that could potentially be improved.
Configure tflint with the rules for Terraform Language and the AWS ruleset to check Terraform files.