Scans IaC projects for security vulnerabilities, compliance issues, and infrastructure misconfiguration. Currently working with Terraform projects, Kubernetes manifests, Dockerfiles, AWS CloudFormation Templates, and Ansible playbooks.
KICS
Getting Started
- First, see how to install and get KICS running.
- Then explore KICS output results format and quickly fix the issues detected.
- Deep dive into KICS queries.
- Understand how to integrate KICS in your favourite CI/CD pipelines.
How it Works
What makes KICS really powerful is its built-in extensibility. This extensibility is achieved by:
- Fully customizable and adjustable heuristic rules, called queries, which can be easily edited, extended and added.
- A robust yet simple architecture, which allows quick addition of support for new Infrastructure as Code solutions.
Community
You're welcome to join our community, talk with us on GitHub discussions, or contact the KICS core team at [email protected].
KICS Contributors
See our individual contributors in the community page. You're welcome to join them by contributing to KICS.
We would also like to thank the following organizations for their ongoing contribution:
- Checkmarx
- Bedrock Streaming (since v1.4.8)
- Dynatrace (since v1.5.1)
- Orca Security (since v1.5.10)
KICS Users
KICS is used by various companies and organizations, some of which are listed below. If you would like to be included here, please open a PR.
- Checkmarx
- GitLab
- Bedrock Streaming
- Cisco
- Orca Security
- JIT
- Firefly
- Redpanda
- Keptn
Keeping Infrastructure as Code Secure!
© 2024 Checkmarx Ltd. All Rights Reserved.