🗂️ Navigation
📁 Infrastructure as Code
📋 Infrastructure Testing Tools
🔧 KICS

KICS

Keeping Infrastructure as Code Secure

Visit Website →

Overview

KICS (Keeping Infrastructure as Code Secure) is an open-source static analysis tool developed by Checkmarx. It scans IaC files to detect security vulnerabilities, compliance issues, and misconfigurations. KICS supports a wide range of IaC platforms, including Terraform, Kubernetes, Docker, CloudFormation, and Ansible. It features a large and growing library of queries and can be integrated into CI/CD pipelines.

✨ Key Features

  • Scans for security vulnerabilities and compliance issues
  • Supports a wide range of IaC platforms
  • Over 2000 built-in queries
  • Customizable and extensible with new queries
  • Integration with CI/CD pipelines
  • Multiple output formats (JSON, SARIF, etc.)

🎯 Key Differentiators

  • Broad platform support
  • Large number of built-in queries
  • Developed by Checkmarx, a leader in application security

Unique Value: Offers one of the most extensive out-of-the-box IaC platform support and query libraries, enabling teams to secure diverse and complex cloud-native environments with a single tool.

🎯 Use Cases (4)

Static analysis of IaC files for security risks Enforcing compliance policies across multiple IaC platforms Automating security checks within CI/CD workflows Identifying misconfigurations before deployment

✅ Best For

  • Using its extensive query library to scan diverse IaC projects (e.g., Terraform and Ansible) in a unified CI/CD security gate.

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Dynamic or runtime security analysis
  • Infrastructure functional testing

🏆 Alternatives

Checkov Terrascan tfsec

Compared to more specialized tools like tfsec, KICS provides much broader coverage across different IaC technologies, making it ideal for organizations that use a variety of tools.

💻 Platforms

CLI API (via Checkmarx One)

✅ Offline Mode Available

🔌 Integrations

Terraform Kubernetes Docker CloudFormation Ansible Helm GitHub Actions Jenkins GitLab CI

🛟 Support Options

  • ✓ Email Support
  • ✓ Live Chat
  • ✓ Phone Support
  • ✓ Dedicated Support (Checkmarx One tier)

🔒 Compliance & Security

✓ SOC 2 ✓ HIPAA ✓ BAA Available ✓ GDPR ✓ ISO 27001 ✓ SSO ✓ SOC 2 Type II ✓ ISO 27001 ✓ PCI DSS

💰 Pricing

Contact for pricing
Free Tier Available

✓ 14-day free trial

Free tier: KICS is a free and open-source tool. Enterprise features are part of the Checkmarx One platform.

Visit KICS Website →

🔄 Similar Tools in Infrastructure Testing Tools

Checkov

A static code analysis tool for infrastructure as code (IaC) to find misconfigurations....

Contact

Terratest

A Go library for writing automated tests for your infrastructure code....

Contact

tfsec

A static analysis tool for Terraform code to spot potential security issues....

Contact

Snyk IaC

An IaC security tool from Snyk that helps developers find and fix misconfigurations....

$25.00/mo

Terrascan

An open-source static code analyzer for IaC that helps detect security and compliance issues....

Contact

Open Policy Agent (OPA)

An open-source, general-purpose policy engine that can be used for enforcing policies on IaC....

Contact