Security News > 2021 > March > Checkmarx KICS enables developers to detect and fix configuration issues

Checkmarx KICS enables developers to detect and fix configuration issues
2021-03-01 03:30

Checkmarx announced the launch of KICS, an open source static analysis solution that enables developers to write more secure infrastructure as code.

KICS automatically detects vulnerabilities, hard-coded keys and passwords, compliance issues, and misconfigurations from the very start of the IaC build cycle, allowing developers to easily remediate these flaws before reaching production.

As the most comprehensive IaC scanning engine available, KICS supports the top IaC technologies including Terraform, Kubernetes, Docker, AWS CloudFormation, and Ansible.

Community-sourced: As an open source project, both the scanning engine and queries for KICS are clear and open to a community of thousands of security and DevOps experts and software developers.

Seamless CI/CD integration: KICS can easily be integrated with any CI/CD pipeline, including GitHub Actions and GitLab CI, applying vulnerability and misconfiguration checks to IaC while keeping developers within their preferred tools.

"I'm proud to welcome Checkmarx to the open source ecosystem with the release of KICS, as the company brings its vast AST experience to the community," said Lior Kaplan, open source advisor and evangelist.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/XjTnI9UXOzQ/