{"id":13408111,"url":"https://github.com/Checkmarx/kics","last_synced_at":"2025-03-14T12:32:09.586Z","repository":{"id":36954895,"uuid":"278200746","full_name":"Checkmarx/kics","owner":"Checkmarx","description":"Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.","archived":false,"fork":false,"pushed_at":"2024-04-17T15:22:48.000Z","size":642287,"stargazers_count":1886,"open_issues_count":151,"forks_count":286,"subscribers_count":25,"default_branch":"master","last_synced_at":"2024-04-17T16:11:29.522Z","etag":null,"topics":["appsec","cloudnative","devsecops","golang","hacktoberfest","iac","infrastructure-as-code","open-policy-agent","security","security-tools","vulnerability-detection","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"https://kics.io","language":"Open Policy Agent","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Checkmarx.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"docs/code-of-conduct.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":"docs/roadmap.md","authors":null,"dei":null}},"created_at":"2020-07-08T21:46:15.000Z","updated_at":"2024-04-18T16:41:55.937Z","dependencies_parsed_at":"2023-09-23T02:48:06.638Z","dependency_job_id":"b8d9b9d4-bd70-44ca-9f9c-a1f3c9fd14c8","html_url":"https://github.com/Checkmarx/kics","commit_stats":{"total_commits":5596,"total_committers":165,"mean_commits":"33.915151515151514","dds":0.8804503216583274,"last_synced_commit":"1f4a7afd938a1d2e132306308f6b63c3e22db7c0"},"previous_names":[],"tags_count":116,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Checkmarx%2Fkics","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Checkmarx%2Fkics/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Checkmarx%2Fkics/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Checkmarx%2Fkics/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Checkmarx","download_url":"https://codeload.github.com/Checkmarx/kics/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243578488,"owners_count":20313837,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appsec","cloudnative","devsecops","golang","hacktoberfest","iac","infrastructure-as-code","open-policy-agent","security","security-tools","vulnerability-detection","vulnerability-scanners"],"created_at":"2024-07-30T20:00:50.832Z","updated_at":"2025-03-14T12:32:04.544Z","avatar_url":"https://github.com/Checkmarx.png","language":"Open Policy Agent","funding_links":[],"categories":["Web","Open Policy Agent","Infrastructure as code security","Tools","vulnerability-scanners","Infrastructure","Infrastructure as Code","Repositories / Tools","Other Awesome Lists","Infrastructure Security","Infrastructure as Code Secure","security-tools","Mobile","Infrastructure as Code Security","Tooling— Security and Policies"],"sub_categories":["Development","Infrastructure as Code Analysis","Terraform Tooling","Defending","Terraform","Infrastructure as Code (IaC) Security","Community providers","Datasource Integrations Blogs and Articles","Others","Cloud","Kubernetes Audit","Language Specific"],"readme":"[![Latest Release](https://img.shields.io/github/v/release/checkmarx/kics)](https://github.com/checkmarx/kics/releases)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n[![Queries](https://raw.githubusercontent.com/Checkmarx/kics/gh-pages/queries.svg)](https://docs.kics.io/develop/queries/all-queries/)\n[![Docker Pulls](https://img.shields.io/docker/pulls/checkmarx/kics)](https://hub.docker.com/r/checkmarx/kics)\n![GitHub contributors](https://img.shields.io/github/contributors/checkmarx/kics?color=blue\u0026link=https%3A%2F%2Fgithub.com%2FCheckmarx%2Fkics%2Fgraphs%2Fcontributors)\n[![Documentation](https://img.shields.io/badge/docs-viewdocs-blue.svg \"Viewdocs\")](https://docs.kics.io/)\n[![GitHub Discussions](https://img.shields.io/badge/chat-discussions-blue.svg?logo=github)](https://github.com/Checkmarx/kics/discussions)\n\n[![checkmarx](https://img.shields.io/endpoint?url=https://pgp36n22ol.execute-api.eu-west-1.amazonaws.com/dev/cxflowcache-results?style=plastic\u0026logoWidth=20\u0026logo=data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAACXBIWXMAAA7EAAAOxAGVKw4bAAADbklEQVRYhc2XTWidRRSGn3MJl1AkZFFcFCkFIYKCYMEgIhZEMtNS2kHBvxYbl1kUIqELQXHhQigtCK266EIoSt0YplbsTJGqaFFahC6yiiJFUIJ2IUGClJLj4vvu/X7uTC7cJOoLH5eZM3Ped37OOXPhP4akOl20XeAQsB+YAsZH9H8HuAVcAxa9CStDBbhgDyKcAfaMSJoVo8pZEd7wJqwNCHDRdlSZF+H0FhO3cR3FeBv+BOjUDM8InEZhm79pFT5w0Xb6Aly0Eyjvb+OqGxBVBzwJMAaA8jLCTrQ3olRbHNBv5TcKxoCH6e10z6cKKMeAr8ZKwsN94r5MABaAd7wJ6yMKwEU7A8SG/+J3Gqo78GBi7tXNkpf4giIUG1CYBOiUl2FHYuLNLSAH1SnQXQnDbYBOlkTZNHmRU+QbkG7bJsi3UF3CQbRS1OFoxwSeRplEuOpN+D1LHO048DbKfNJ3gXPQzANZuGh3CHyNchm4gPKji/axzNgp4BrKfN6jnvU23KwJSMhsds2iPF5rT6jqJy7ae2vEHRftUVR/QNm7wXoCIid6jTIMhYEc0BRzf/9ISpuI7EK54KI1qoyrckZgdsBXfTHCe8Cr3oQ7PdfVEQjNOG3mhC8z454CzolwQ4TZDeavIjwPHK+TVzswHJ+jfIhwNGGbHTL3e+CIN+HnlDF/B2rwJqwjzAFLw5RW0HXgJLAvRw79HUi8S1qavAl/uWifBb0BMjGEfQXkmDfhSr2zLHr3ACveFvknH4YJTd6EZUVe2ZBauQI8UicvI+Qt4A+EXxH9zkV7XyUgVbczuGjCIsqpxJy7wAmE/Ymn1wzK6yjdYqxMA+9C/wiq2ltbSR7Cayi7FZ4rZulPKnLkognXM7uyL9H3BPR2QGSwFEv+eLwJdxFeFOEBhEcReShLXvjrtkoxSFEIe2G4BkzWRWjxGs6iLGLLG42p+5ImOcCaN2G9J2AJaJRMgQMu2peAj0cty2WpfwE4kDAvQZWILgEzrQEd4CNgwUXzS/OM2ncm294N2bpwqS7gvMKbAjsTA/eCtJy0Y3RYuwlVbotwHspL6E1YFWXuX3iSg4LAnDdhtS+gFL2oxSN0eyEsICxWzRZctAfL0rpnK3kVbolw3JvwWVNPAi7aLsohZNN/Tv8GllEuI3zaLsX/C/wDM7pjD59N2pkAAAAASUVORK5CYII=)](https://sast.checkmarx.net/cxwebclient/portal#/projectState/702/Summary)\n[![Codacy Badge](https://app.codacy.com/project/badge/Grade/ceddb5b1b37d4edfa56440842c6248a4)](https://www.codacy.com/gh/Checkmarx/kics/dashboard?utm_source=github.com\u0026amp;utm_medium=referral\u0026amp;utm_content=Checkmarx/kics\u0026amp;utm_campaign=Badge_Grade)\n[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=Checkmarx_kics\u0026metric=alert_status)](https://sonarcloud.io/dashboard?id=Checkmarx_kics)\n[![Go Report Card](https://goreportcard.com/badge/github.com/Checkmarx/kics)](https://goreportcard.com/report/github.com/Checkmarx/kics)\n[![Go Coverage](https://raw.githubusercontent.com/Checkmarx/kics/gh-pages/coverage.svg)](https://docs.kics.io/coverage.html)\n\n\u003cp align=\"center\"\u003e\n\u003cimg alt=\"KICS - Keep Infrastructure as Code Secure\" src=\"docs/img/logo/kics_new_logo_2022_dark.png#gh-light-mode-only\" width=\"500\"\u003e\n\u003cimg alt=\"KICS - Keep Infrastructure as Code Secure\" src=\"docs/img/logo/kics_new_logo_2022_white.png#gh-dark-mode-only\" width=\"500\"\u003e\n\u003c/p\u003e\n\n---\n\n\u003ca href=\"https://www.kics.io\" title=\"www.kics.io\"\u003e\u003cimg src=\"docs/img/button_www-kics-io.png\" align=\"right\"\u003e\u003c/a\u003e\n\nFind security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with **KICS** by Checkmarx.\n\n**KICS** stands for **K**eeping **I**nfrastructure as **C**ode **S**ecure, it is open source and is a must-have for any cloud native project.\n\n### Supported Platforms\n\n\u003cbr\u003e\n\u003ctable align=\"center\"\u003e\u003ctr\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#terraform\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-terraform.png\" alt=\"Terraform\" width=\"120\" /\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-terraform-dark.png\" alt=\"Terraform\" width=\"120\" /\u003e\n\u003cimg src=\"docs/img/logo-terraform.png\" alt=\"Terraform\" width=\"120\" /\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#kubernetes\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-k8s.png\" width=\"160\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-k8s-dark.png\" width=\"160\"\u003e\n\u003cimg alt=\"Kubernetes\" src=\"docs/img/logo-k8s.png\" width=\"160\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#docker\"\u003e\n\u003cimg alt=\"Docker\" src=\"docs/img/logo-docker.png\" width=\"180\"\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003c/tr\u003e\u003c/table\u003e\n\u003ctable align=\"center\"\u003e\u003ctr\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#cloudformation\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-cf.png\" width=\"150\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-cf-dark.png\" width=\"150\"\u003e\n\u003cimg alt=\"CloudFormation\" src=\"docs/img/logo-cf.png\" width=\"150\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#ansible\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-ansible.png\" width=\"150\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-ansible-dark.png\" width=\"150\"\u003e\n\u003cimg alt=\"Ansible\" src=\"docs/img/logo-ansible.png\" width=\"150\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#helm\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-helm-alt.png\" width=\"60\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-helm-dark.png\" width=\"60\"\u003e\n\u003cimg alt=\"Helm\" src=\"docs/img/logo-helm-alt\" width=\"60\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003c/tr\u003e\u003c/table\u003e\n\u003ctable align=\"center\"\u003e\u003ctr\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#openapi\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-openapi.png\" width=\"185\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-openapi-dark.png\" width=\"185\"\u003e\n\u003cimg alt=\"OpenAPI\" src=\"docs/img/logo-openapi.png\" width=\"185\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#grpc\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-grpc.png\" width=\"135\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-grpc-dark.png\" width=\"135\"\u003e\n\u003cimg alt=\"gRPC\" src=\"docs/img/logo-grpc.png\" width=\"135\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#azure-resource-manager\"\u003e\n\u003cimg alt=\"Azure Resource Manager\" src=\"docs/img/logo-arm.png\" width=\"65\"\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#google-deployment-manager\"\u003e\n\u003cimg alt=\"Google Deployment Manager\" src=\"docs/img/logo-gdm.png\" width=\"65\"\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003c/tr\u003e\u003c/table\u003e\n\u003ctable align=\"center\"\u003e\u003ctr\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#cdk\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-cdk.png\" width=\"175\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-cdk-dark.png\" width=\"175\"\u003e\n\u003cimg alt=\"Cloud Development Kit\" src=\"docs/img/logo-cdk.png\" width=\"175\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#sam\"\u003e\n\u003cimg alt=\"SAM\" src=\"docs/img/logo-sam.png\" width=\"65\"\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#docker-compose\"\u003e\n\u003cimg alt=\"Docker Compose\" src=\"docs/img/logo-dockercompose.png\" width=\"95\"\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#knative\"\u003e\n\u003cimg alt=\"Knative\" src=\"docs/img/logo-knative.png\" width=\"85\"\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003c/tr\u003e\u003c/table\u003e\n\u003ctable align=\"center\"\u003e\u003ctr\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#crossplane\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-crossplane.png\" width=\"165\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-crossplane-dark.png\" width=\"165\"\u003e\n\u003cimg alt=\"Crossplane\" src=\"docs/img/logo-crossplane.png\" width=\"165\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#pulumi\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-pulumi.png\" width=\"145\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-pulumi-dark.png\" width=\"145\"\u003e\n\u003cimg alt=\"Pulumi\" src=\"docs/img/logo-pulumi.png\" width=\"145\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#serverlessfw\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-serverlessfw.png\" width=\"170\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-serverlessfw-dark.png\" width=\"170\"\u003e\n\u003cimg alt=\"ServerlessFW\" src=\"docs/img/logo-serverlessfw.png\" width=\"170\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003c/tr\u003e\u003c/table\u003e\n\u003ctable align=\"center\"\u003e\u003ctr\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#azure-blueprints\"\u003e\n\u003cimg alt=\"Azure BluePrints\" src=\"docs/img/logo-azure-blueprints.png\" width=\"85\"\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#cicd\"\u003e\n\u003cimg alt=\"GitHub Workflows\" src=\"docs/img/logo-github-icon.png\" width=\"85\"\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#terraform\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-opentofu.png\" width=\"160\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-opentofu-dark.png\" width=\"160\"\u003e\n\u003cimg alt=\"OpenTofu\" src=\"docs/img/logo-opentofu.png\" width=\"160\"\u003e\n\u003c/picture\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003ctd\u003e\n\u003ca href=\"https://github.com/Checkmarx/kics/blob/master/docs/platforms.md#bicep\"\u003e\n\u003cimg alt=\"Bicep\" src=\"docs/img/logo-bicep.png\" width=\"85\"\u003e\n\u003c/a\u003e\n\u003c/td\u003e\n\u003c/tr\u003e\u003c/table\u003e\n\n### Beta Features\n\u003cp align=\"center\"\u003e\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-databricks.png\" width=\"200\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-databricks-dark.png\" width=\"200\"\u003e\n\u003cimg alt=\"Databricks\" src=\"docs/img/logo-databricks.png\" width=\"200\"\u003e\n\u003c/picture\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\n\u003cimg alt=\"NIFCloud\" src=\"docs/img/logo-nifcloud.png\" width=\"110\"\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\n\u003cpicture\u003e\n\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"docs/img/logo-tencentcloud.png\" width=\"180\"\u003e\n\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"docs/img/logo-tencentcloud-dark.png\" width=\"180\"\u003e\n\u003cimg alt=\"TencentCloud\" src=\"docs/img/logo-tencentcloud.png\" width=\"180\"\u003e\n\u003c/picture\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\n\u003c/p\u003e\n\nBy default, Databricks, NIFCloud, and TencentCloud queries run when you scan Terraform files using KICS.\n\nThe `Severity` and `Description` of these queries are still under review.\n\n## Getting Started\n\nSetting up and using KICS is super-easy.\n\n-   First, see how to [install and get KICS running](docs/getting-started.md).\n-   Then explore KICS [output results format](docs/results.md) and quickly fix the issues detected.\n\nInterested in more advanced stuff?\n-   Deep dive into KICS [queries](docs/queries.md).\n-   Understand how to [integrate](docs/integrations.md) KICS in your favourite CI/CD pipelines.\n\nSee [KICS documentation](https://docs.kics.io/) for more details and topics.\n\n## How it Works\n\nWhat makes KICS really powerful and popular is its built-in extensibility. This extensibility is achieved by:\n\n-   Fully customizable and adjustable heuristics rules, called [queries](docs/queries.md). These can be easily edited, extended and added.\n-   Robust but yet simple [architecture](docs/architecture.md), which allows quick addition of support for new Infrastructure as Code solutions.\n\n## Community\n\nYou're welcome to join our [community](docs/community.md), talk with us on \u003ca href=\"https://github.com/Checkmarx/kics/discussions\" target=\"_blank\"\u003eGitHub discussions\u003c/a\u003e or contact KICS core team at [kics@checkmarx.com](mailto:kics@checkmarx.com).\n\n### KICS Contributors\n\nSee our individual contributors in the [community](docs/community.md) page. You're welcome to join them by [contributing](docs/CONTRIBUTING.md) to KICS.\n\nWe also like to thank the following organizations for their ongoing contribution:\n-   [Checkmarx](https://checkmarx.com/)\n-   [Bedrock Streaming](https://bedrockstreaming.com/) (since v1.4.8)\n-   [Dynatrace](https://www.dynatrace.com/) (since v1.5.1)\n-   [Orca Security](https://orca.security/) (since v1.5.10)\n\n### KICS Users\nKICS is used by various companies and organizations, some are listed below. If you would like to be included here please open a PR.\n\n-   [Checkmarx](https://checkmarx.com/) ([IaC Security](https://checkmarx.com/product/iac-security/))\n-   [GitLab](https://gitlab.com/) ([Infrastructure as Code scanning](https://docs.gitlab.com/ee/user/application_security/iac_scanning/))\n-   [Bedrock Streaming](https://bedrockstreaming.com/)\n-   [Cisco](https://www.panoptica.app/) ([CI/CD Securitry](https://docs.panoptica.app/docs/ci-cd-security))\n-   [Orca Security](https://orca.security/)\n-   [JIT](https://www.jit.io/) ([SAST for IaC](https://www.jit.io/security-tools/kics))\n-   [Firefly](https://www.firefly.ai/) ([Firefly Integrates With Checkmarx's KICS](https://www.firefly.ai/blog/firefly-integrates-with-checkmarxs-kics-to-enable-seamless-cloud-governance-from-code-to-cloud))\n-   [Redpanda](https://redpanda.com/)\n-   [Keptn](https://github.com/keptn) / [Keptn Lifecycle Toolkit](https://keptn.sh)\n\n**Keeping Infrastructure as Code Secure!**\n\n---\n\n\u0026copy; 2024 Checkmarx Ltd. All Rights Reserved.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCheckmarx%2Fkics","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FCheckmarx%2Fkics","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCheckmarx%2Fkics/lists"}