Checkmarx / kicsLinks
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
☆2,304Updated this week
Alternatives and similar repositories for kics
Users that are interested in kics are comparing it to the libraries listed below
Sorting:
- OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure☆1,409Updated this week
- Security risk analysis for Kubernetes resources☆1,332Updated last week
- Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes se…☆965Updated 8 months ago
- Tfsec is now part of Trivy☆6,825Updated 3 weeks ago
- A service that analyzes docker images and scans for vulnerabilities☆1,586Updated 2 years ago
- Write tests against structured configuration data using the Open Policy Agent Rego query language☆2,988Updated this week
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆931Updated 3 months ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆841Updated last year
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆4,937Updated 3 weeks ago
- A Blazing fast Security Auditing tool for Kubernetes☆997Updated last year
- A tool to scan Kubernetes cluster for risky permissions☆1,383Updated this week
- ☆525Updated this week
- Hunt for security weaknesses in Kubernetes clusters☆4,865Updated last year
- Superseded by https://github.com/aquasecurity/trivy-operator☆1,366Updated last month
- Read your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.☆1,850Updated 4 months ago
- Detect, track and alert on infrastructure drift☆2,543Updated last month
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆748Updated 5 months ago
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities☆966Updated 2 weeks ago
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark☆7,458Updated this week
- 🧵 CLI tool for directly patching container images!☆1,310Updated last week
- A curated list for Awesome Kubernetes Security resources☆1,954Updated last year
- a lightweight, security focused, BDD test framework against terraform.☆1,391Updated last week
- Terratag is a CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, a…☆979Updated last month
- Interactive Terraform visualization. State and configuration explorer.☆3,136Updated 10 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆1,495Updated 9 months ago
- ☆415Updated 2 years ago
- Kubernetes Security Training Platform - focusing on security mitigation☆949Updated 8 months ago
- Supply-chain Levels for Software Artifacts☆1,667Updated last week
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo…☆2,091Updated 3 weeks ago
- Threat matrix for CI/CD Pipeline☆751Updated 10 months ago