Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
☆2,605Apr 4, 2026Updated this week
Alternatives and similar repositories for kics
Users that are interested in kics are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,208Nov 20, 2025Updated 4 months ago
- Detect, track and alert on infrastructure drift☆2,632Jan 30, 2026Updated 2 months ago
- Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security…☆11,295Apr 3, 2026Updated last week
- A vulnerability scanner for container images and filesystems☆11,945Updated this week
- Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir…☆13,523Updated this week
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure☆1,453Mar 30, 2026Updated last week
- Security risk analysis for Kubernetes resources☆1,446Feb 16, 2026Updated last month
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,653Updated this week
- Code signing and transparency for containers and binaries☆5,793Updated this week
- Cloud Native Runtime Security☆8,842Updated this week
- ☆284Dec 1, 2022Updated 3 years ago
- Cloud cost estimates for Terraform in pull requests💰📉 Shift FinOps Left!☆12,251Updated this week
- Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes se…☆964Sep 3, 2024Updated last year
- Write tests against structured configuration data using the Open Policy Agent Rego query language☆3,151Updated this week
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adh…☆3,430Apr 3, 2026Updated last week
- Read your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.☆2,007Aug 13, 2025Updated 7 months ago
- Vulnerability Static Analysis for Containers☆10,965Updated this week
- Open Source Cloud Native Application Protection Platform (CNAPP)☆5,247Mar 8, 2026Updated last month
- Cost monitoring for Kubernetes workloads and cloud costs☆6,463Updated this week
- OpenSSF Scorecard - Security health metrics for Open Source☆5,351Apr 3, 2026Updated last week
- A Pluggable Terraform Linter☆5,668Updated this week
- A cli tool to help discover deprecated apiVersions in Kubernetes☆2,484Apr 1, 2026Updated last week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,652Apr 3, 2026Updated last week
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,612Updated this week
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start☆3,238Updated this week
- 🐊 Policy Controller for Kubernetes☆4,185Updated this week
- Find secrets with Gitleaks 🔑☆25,816Mar 25, 2026Updated 2 weeks ago
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…☆5,574Mar 25, 2026Updated 2 weeks ago
- A Blazing fast Security Auditing tool for Kubernetes☆1,005Apr 6, 2024Updated 2 years ago
- Unified Policy as Code☆7,576Apr 3, 2026Updated last week
- Validation of best practices in your Kubernetes clusters☆3,355Apr 1, 2026Updated last week
- A tool to scan Kubernetes cluster for risky permissions☆1,418May 25, 2025Updated 10 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,198Apr 2, 2026Updated last week
- Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resour…☆5,959Apr 2, 2026Updated last week
- CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code☆14,524Mar 16, 2026Updated 3 weeks ago
- a lightweight, security focused, BDD test framework against terraform.☆1,444Dec 8, 2025Updated 4 months ago
- Multi-Cloud Security Auditing Tool☆7,609Sep 23, 2025Updated 6 months ago
- Terratag is a CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, a…☆1,045Mar 26, 2026Updated 2 weeks ago
- 👀 A Kubernetes cluster resource sanitizer☆6,258Dec 8, 2025Updated 4 months ago