KICS (Keeping Infrastructure as Code Secure) is an open source solution for static code analysis of Infrastructure as Code.

Supported Platforms

KICS finds security vulnerabilities, compliance issues, and infrastructure misconfigurations in the following Infrastructure as Code solutions: Terraform, Kubernetes, Docker, AWS CloudFormation, Ansible, Helm, and OpenAPI 3.0 specifications.

Over 1000 queries are available.

Complete

KICS finds security vulnerabilities, compliance issues, and infrastructure misconfigurations in the following Infrastructure as Code solutions: Terraform, Kubernetes, Docker, AWS CloudFormation, Ansible. 1000+ queries are available.

KICS is easy to install and run, its results are easy to understand, and it is easy to integrate into CI.

Open Source

KICS is open and will always stay so. Both the scanning engine and the security queries are clear and open for the software development community.

Extensible

From day one, KICS has been built for extensibility.

First, it includes over 1000 fully customizable and adjustable heuristic rules, called queries. These can be easily edited, extended, and added. Second, its robust yet simple architecture allows quick addition of support for new Infrastructure as Code solutions.

Documentation

Explore the project documentation for quick installation and integration instructions. Or take the next step and explore the contribution options.

Contribute

KICS is a community project. It has been built as open source from day one, and anyone can find their own way to contribute to the project.

Within just minutes, you can start making a difference by sharing your expertise with a community of thousands of security experts and software developers.

The KICS project is powered by Checkmarx, global leader of Application Security Testing.