Checkmarx / kicsLinks
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
☆2,470Updated this week
Alternatives and similar repositories for kics
Users that are interested in kics are comparing it to the libraries listed below
Sorting:
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,146Updated last month
- Tfsec is now part of Trivy☆6,884Updated last week
- OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure☆1,428Updated last week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆852Updated 2 years ago
- Detect, track and alert on infrastructure drift☆2,570Updated this week
- Security risk analysis for Kubernetes resources☆1,389Updated last week
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆815Updated 5 months ago
- Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes se…☆962Updated last year
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities☆1,054Updated last week
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆757Updated 9 months ago
- 🧵 CLI tool for directly patching container images!☆1,424Updated last week
- Write tests against structured configuration data using the Open Policy Agent Rego query language☆3,041Updated last week
- A tool to scan Kubernetes cluster for risky permissions☆1,399Updated 3 months ago
- Threat matrix for CI/CD Pipeline☆758Updated last year
- Supply-chain Levels for Software Artifacts☆1,724Updated last week
- Interactive Terraform visualization. State and configuration explorer.☆3,186Updated last month
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆960Updated 6 months ago
- A Blazing fast Security Auditing tool for Kubernetes☆1,002Updated last year
- Read your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.☆1,914Updated last month
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start☆3,013Updated 8 months ago
- Superseded by https://github.com/aquasecurity/trivy-operator☆1,368Updated last week
- A curated list of OPA related tools, frameworks and articles☆836Updated 3 months ago
- ☆537Updated last week
- secureCodeBox (SCB) - continuous secure delivery out of the box☆908Updated this week
- 🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!☆2,223Updated 3 weeks ago
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,231Updated this week
- GitHub App to set and enforce security policies☆1,358Updated this week
- Reads from existing public and private cloud providers (reverse Terraform) and generates your infrastructure as code on Terraform configu…☆2,311Updated 2 weeks ago
- Terratag is a CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, a…☆992Updated last month
- a lightweight, security focused, BDD test framework against terraform.☆1,411Updated this week