

Secure your infrastructure-as-code before deployment with KICS
Detect security flaws, compliance gaps, and misconfigurations across Terraform, Kubernetes, CloudFormation, and many other IaC frameworks early in the development cycle.

KICS (Keeping Infrastructure as Code Secure) is a static analysis engine that helps developers, DevOps, and security teams find vulnerabilities, compliance issues, and misconfigurations in infrastructure‑as‑code files before they are applied.
It supports a broad range of IaC platforms—including Terraform, Kubernetes manifests, Dockerfiles, CloudFormation, Ansible, Helm, OpenAPI, gRPC, Azure Resource Manager, CDK, Pulumi, Serverless Framework, and more—using built‑in rule sets aligned with industry standards. Scans run quickly from the command line or via a Docker image, producing detailed reports and exit codes that can be consumed by CI/CD pipelines.
KICS can be executed locally, integrated into any CI system (GitHub Actions, GitLab CI, Jenkins, etc.), or used as part of automated compliance workflows. Being open source, it benefits from community contributions and can be extended with custom queries to enforce organization‑specific policies.
Pre‑commit security scanning
Developers catch misconfigurations before code is pushed, preventing vulnerable infrastructure from entering version control.
CI/CD compliance enforcement
Build pipelines automatically fail when KICS detects violations of PCI DSS or CIS benchmarks.
Multi‑cloud audit
Security teams generate unified reports across Terraform, CloudFormation, and Azure ARM templates.
Policy as code validation
Custom security policies are tested against IaC files to ensure internal standards are met.
KICS supports Terraform, Kubernetes manifests, Dockerfiles, CloudFormation, Ansible, Helm charts, OpenAPI, gRPC, Azure Resource Manager, CDK, Pulumi, Serverless Framework, and several other IaC formats.
KICS provides a CLI and a Docker image that can be invoked in any CI system (GitHub Actions, GitLab CI, Jenkins, etc.) to scan IaC files and exit with a non‑zero code on findings.
Yes, KICS is released under an open‑source license and can be used without cost.
KICS allows users to write custom queries in its query language to extend or modify the default rule set.
The official repository includes a docs folder, and the community discusses issues on GitHub and the Checkmarx forums.