Checkmarx / kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
☆2,200Updated this week
Alternatives and similar repositories for kics:
Users that are interested in kics are comparing it to the libraries listed below
- Tfsec is now part of Trivy☆6,772Updated this week
- OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure☆1,382Updated this week
- Checklist for container security - devsecops practices☆1,544Updated last year
- Superseded by https://github.com/aquasecurity/trivy-operator☆1,364Updated 2 weeks ago
- Security risk analysis for Kubernetes resources☆1,281Updated this week
- A Blazing fast Security Auditing tool for Kubernetes☆994Updated 10 months ago
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆4,838Updated 2 months ago
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities☆884Updated last month
- Detect, track and alert on infrastructure drift☆2,511Updated this week
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆735Updated 2 months ago
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…☆4,628Updated 2 weeks ago
- OWASP Foundation Web Respository☆575Updated last year
- A curated list for Awesome Kubernetes Security resources☆1,939Updated last year
- Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes se…☆963Updated 5 months ago
- Hunt for security weaknesses in Kubernetes clusters☆4,796Updated 11 months ago
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆881Updated this week
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark☆7,249Updated this week
- Kubernetes Security Training Platform - focusing on security mitigation☆941Updated 5 months ago
- A curated list of awesome Kubernetes security resources☆909Updated last year
- A tool to scan Kubernetes cluster for risky permissions☆1,353Updated 2 months ago
- 🧵 CLI tool for directly patching container images!☆1,132Updated this week
- Kubernetes-native security toolkit☆1,387Updated this week
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆827Updated last year
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆793Updated last month
- ☆404Updated 2 years ago
- Threat matrix for CI/CD Pipeline☆745Updated 7 months ago
- 🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!☆2,138Updated this week
- A service that analyzes docker images and scans for vulnerabilities☆1,589Updated 2 years ago
- Read your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.☆1,801Updated last month
- A tool for quickly evaluating IAM permissions in AWS.☆1,453Updated 6 months ago