Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
KICS stands for Keeping Infrastructure as Code Secure, it is open source and is a must-have for any cloud native project.
Supported Platforms
Support of other solutions and additional cloud providers are on the roadmap.
Getting Started
Setting up and using KICS is super-easy.
Interested in more advanced stuff?
How it Works?
What makes KICS really powerful and popular is its built-in extensibility. This extensibility is achieved by:
Release Process
KICS release process is quite simple. We have nightly builds that will pack and pre-release all changes merged into master. The nightly release will have a “nightly” prefix with the last commit hash code. We have binaries available for both Windows and Linux, as well a Docker image in DockerHub
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…