KICS

KICS (Keeping Infrastructure as Code Secure) is an open-source static analysis tool by Checkmarx that scans infrastructure as code files to identify security vulnerabilities, compliance issues, and misconfigurations across platforms including Terraform, Kubernetes, Docker, AWS CloudFormation, Ansible, Helm, ARM Templates, OpenAPI, Pulumi, and Serverless Framework using over 2,400 fully customizable and extensible security queries. The tool integrates seamlessly into CI/CD pipelines to enable automated security testing during development, providing detailed remediation guidance with severity ratings to help development teams detect and fix infrastructure security issues before deployment while supporting multiple output formats for comprehensive reporting and analysis.

Docs

All Integrations

Start Your Free 
Trial Today

Unify your security pipeline and orchestrate peace of mind with DefectDojo. We are security experts and here to help.

Overview

By Role

By Solution

Simple and transparent pricing.

Join the DefectDojo community

Resources

Company

Categories

Import Options

File Types

Integrations

KICS

Start Your Free 
Trial Today

Categories

Import Options

File Types

Integrations

KICS

Start Your Free Trial Today

Start Your Free 
Trial Today