GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Checkmarx → Kics

Checkmarx / Kics

Licence: apache-2.0
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Labels

securityinfrastructure-as-codeappseccloudnative

Projects that are alternatives of or similar to Kics

Terrible
An Ansible playbook that apply the principle of the Infrastructure as Code on a QEMU/KVM environment.
Stars: ✭ 161 (-14.81%)
Mutual labels:  infrastructure-as-code
Yawast
YAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (-4.23%)
Mutual labels:  appsec
Serverless.tf
serverless.tf is an opinionated open-source framework for developing, building, deploying, and securing serverless applications and infrastructures on AWS using Terraform.
Stars: ✭ 198 (+4.76%)
Mutual labels:  infrastructure-as-code
Dnscontrol
Synchronize your DNS to multiple providers from a simple DSL
Stars: ✭ 2,089 (+1005.29%)
Mutual labels:  infrastructure-as-code
Awesome Terraform
Curated list of resources on HashiCorp's Terraform
Stars: ✭ 2,618 (+1285.19%)
Mutual labels:  infrastructure-as-code
Sbt Dependency Check
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (-1.06%)
Mutual labels:  appsec
Terraform Aws Devops
Info about many of my Terraform, AWS, and DevOps projects.
Stars: ✭ 159 (-15.87%)
Mutual labels:  infrastructure-as-code
Aws Workshop For Kubernetes
AWS Workshop for Kubernetes
Stars: ✭ 2,450 (+1196.3%)
Mutual labels:  cloudnative
Fogg
Manage Infrastructure as Code with less pain.
Stars: ✭ 181 (-4.23%)
Mutual labels:  infrastructure-as-code
Kubefate
Manage federated learning workload using cloud native technologies.
Stars: ✭ 195 (+3.17%)
Mutual labels:  cloudnative
Pulumi Aws
An Amazon Web Services (AWS) Pulumi resource package, providing multi-language access to AWS
Stars: ✭ 169 (-10.58%)
Mutual labels:  infrastructure-as-code
Cdk Clj
A Clojure wrapper for the AWS Cloud Development Kit (AWS CDK)
Stars: ✭ 173 (-8.47%)
Mutual labels:  infrastructure-as-code
Checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
Stars: ✭ 3,572 (+1789.95%)
Mutual labels:  infrastructure-as-code
Octodns
Tools for managing DNS across multiple providers
Stars: ✭ 2,090 (+1005.82%)
Mutual labels:  infrastructure-as-code
Zap Hud
The OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (+6.35%)
Mutual labels:  appsec
Threat Model Cookbook
This project is about creating and publishing threat model examples.
Stars: ✭ 159 (-15.87%)
Mutual labels:  appsec
Blisqy
Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
Stars: ✭ 179 (-5.29%)
Mutual labels:  appsec
Wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1949.21%)
Mutual labels:  appsec
Rfi Lfi Payload List
🎯 RFI/LFI Payload List
Stars: ✭ 202 (+6.88%)
Mutual labels:  appsec
Kruise
Automate application management on Kubernetes (project under CNCF)
Stars: ✭ 2,819 (+1391.53%)
Mutual labels:  cloudnative
View All Similar Projects ➔

checkmarx codecov Go Report Card Codacy Badge Quality Gate Status License Latest Release Documentation Gitter

KICS - Keep Infrastructure as Code Secure

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

KICS stands for Keeping Infrastructure as Code Secure, it is open source and is a must-have for any cloud native project.

Supported Platforms

Terraform   Kubernetes   Docker   CloudFormation   Ansible

Support of other solutions and additional cloud providers are on the roadmap.

Getting Started

Setting up and using KICS is super-easy.

Interested in more advanced stuff?

  • Deep dive into KICS queries.
  • Understand how to integrate KICS in your favourit CI/CD pipelines.

How it Works

What makes KICS really powerful and popular is its built-in extensibility. This extensibility is achieved by:

  • Fully customizable and adjustable heuristics rules, called queries. These can be easily edited, extended and added.
  • Robust but yet simple architecture, which allows quick addition of support for new Infrastructure as Code solutions.

Release process

KICS release process is quite simple. We have nightly builds that will pack and pre-release all changes merged into master. The nightly release will have a "nightly" prefix with the last commit hash code. We have binaries available for both Windows and Linux, as well a Docker image in DockerHub

Contribution

KICS is a true community project. It's built as an open source from day one, and anyone can find his own way to contribute to the project. Check out how, within just minutes, you can start making a difference, by sharing your expertise with a community of thousands of security experts and software developers.

More

KICS public documentation has all the project aspects covered. Join the chat on Gitter. Or contact KICS core team at [email protected]

Keeping Infrastructure as Code Secure!

© 2021 Checkmarx Ltd. All Rights Reserved.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].