Product

Categories
Trending
Tags
Collections
New Repos
Comparisons

Resources

Submit a Repo
About
Newsletter
Privacy Policy
Terms
Contact

Popular Tags

#react
#typescript
#python
#machine-learning
#nextjs

sourcevana

Discover, Download, Deploy — Open Source Made Easy.

Checkmarx/kics — KICS helps you discover security vulnerabilities and co | Sourcevana

HomeDevOps & Infrastructurekics

kics

by Checkmarx

KICS helps you discover security vulnerabilities and compliance issues in your Infrastructure as Code (IaC).

Verified Snapshot (99.6 MB)

Open Policy Agent2.6K360Updated 12h ago

GitHub

Quick Overview

What is this?

KICS (Keeping Infrastructure as Code Secure) is an open-source tool by Checkmarx that scans IaC templates for security flaws. It supports numerous IaC languages like Terraform, CloudFormation, Kubernetes, and more, identifying misconfigurations before deployment. You can run it via CLI with commands like `kics scan --input-dir /path/to/iac` or use its Docker image.

What problem does it solve?

KICS helps you discover security vulnerabilities and compliance issues in your Infrastructure as Code (IaC).

Who should use it?

Developers and security engineers working with IaC who want to catch issues early in the development lifecycle.

Setup difficulty:Easy

Pros

Supports a wide range of IaC tools (Terraform, CloudFormation, Kubernetes, etc.)
Provides pre-defined queries for common vulnerabilities and compliance standards

Integrates into CI/CD pipelines for automated scanning

Cons

Can have a learning curve for complex custom query development
False positives are possible and require tuning of queries or ignoring findings

Scores

Trust Score

Star reputation (15%)68

Star velocity 7d (15%)0

Commit recency (15%)100

Fork ratio (10%)46

Issue ratio (10%)0

Contributor signal (10%)72

README quality (5%)100

License (5%)100

Homepage/demo (5%)100

Docs URL (5%)0

Topic count (5%)100

Maintenance

Commit frequency95

Issue management25

Documentation85

Popularity

Stars50

Forks40

Growth trend10

Star History

Not enough data yet. Star history will appear after a few days of tracking.

Snapshot Versions

Version	Commit	Size	Downloads	Date
latestLatest	HEAD	99.6 MB	0	1h ago

Alternatives

the-book-of-secret-knowledge

trimstray

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

TrendingAbandoned

214.1K94212.8K1y ago

devops-exercises

bregman-arie

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

Python81.9K4919.1K3mo ago

awesome-scalability

binhnguyennus

The Patterns of Scalable, Reliable, and Performant Large-Scale Systems

Trending

70.3K1776.9K3mo ago

act

nektos

Run your GitHub Actions locally 🚀

TrendingFeatured

Go69.8K731.9K8h ago

gitea

go-gitea

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD

Featured

Go54.8K6.5K4h ago

kong

Kong

🦍 The API and AI Gateway

Featured

Lua43.1K5.1K12d ago

Community Reviews

Loading reviews...

README

GitHub contributors

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

KICS stands for Keeping Infrastructure as Code Secure, it is open source and is a must-have for any cloud native project.

Supported Platforms

Trust Score

Sourcevana Trust · 65/100

License

Apache-2.0

Languages

Open Policy Agent39.9%

HCL31.3%

Go21.5%

HTML3.0%

Bicep2.9%

Other1.3%

Topics

appsec cloudnative devsecops golang hacktoberfest iac infrastructure-as-code open-policy-agent security security-tools vulnerability-detection vulnerability-scanners+4 more

Homepage

AddedApr 9, 2026

UpdatedApr 9, 2026

Last commit12h ago

Browse more in DevOps & Infrastructure View all repos by Checkmarx

Embed Trust Badge

README.md preview:

Sourcevana Trust · 65/100

[![Sourcevana Trust](https://sourcevana.com/api/badge/checkmarx-kics)](https://sourcevana.com/repo/checkmarx-kics)

Paste this into your README.md

Embed Widget

<iframe src="https://sourcevana.com/embed/checkmarx-kics" width="480" height="120" frameborder="0"></iframe>

Embed this repo card on any website or blog