Checkmarx / kicsLinks
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
☆2,450Updated this week
Alternatives and similar repositories for kics
Users that are interested in kics are comparing it to the libraries listed below
Sorting:
- Tfsec is now part of Trivy☆6,874Updated 3 weeks ago
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,124Updated 3 weeks ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆850Updated last year
- OpenClarity is an open source platform built to enhance security and observability of cloud native applications and infrastructure☆1,425Updated last week
- An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchm…☆755Updated 8 months ago
- Detect, track and alert on infrastructure drift☆2,565Updated 3 weeks ago
- Security risk analysis for Kubernetes resources☆1,387Updated last week
- Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities☆1,024Updated last month
- Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes se…☆963Updated 11 months ago
- Superseded by https://github.com/aquasecurity/trivy-operator☆1,367Updated 3 weeks ago
- Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets☆815Updated 4 months ago
- secureCodeBox (SCB) - continuous secure delivery out of the box☆906Updated this week
- Kubernetes-native security toolkit☆1,592Updated this week
- Supply-chain Levels for Software Artifacts☆1,712Updated this week
- A tool to scan Kubernetes cluster for risky permissions☆1,399Updated 3 months ago
- 🧵 CLI tool for directly patching container images!☆1,403Updated this week
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆956Updated 6 months ago
- GitHub App to set and enforce security policies☆1,354Updated this week
- A Blazing fast Security Auditing tool for Kubernetes☆1,000Updated last year
- ☆534Updated last week
- Write tests against structured configuration data using the Open Policy Agent Rego query language☆3,030Updated last week
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,393Updated last week
- Kubernetes Security Training Platform - focusing on security mitigation☆952Updated 11 months ago
- A service that analyzes docker images and scans for vulnerabilities☆1,587Updated 2 years ago
- Hunt for security weaknesses in Kubernetes clusters☆4,925Updated last year
- A curated list for Awesome Kubernetes Security resources☆1,976Updated last year
- Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start☆2,996Updated 7 months ago
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,184Updated last week
- Code signing and transparency for containers and binaries☆5,149Updated last week
- DevSecOps, ASPM, Vulnerability Management. All on one platform.☆4,171Updated this week