PenTesting Toolkit
Cloud Security
Intermediate
Featured

Checkov

Static analysis tool for infrastructure as code security

4.7/5.0
5,000,000downloads
Updated 1/15/2024
Official WebsiteGitHubDocumentation
Tool Information

Platforms

Linux
Windows
macOS

License

Apache-2.0

Techniques

Infrastructure as Code Scanning
Policy as Code
Compliance Checking
Security Misconfiguration Detection
Advertisement
Advertisement
About Checkov

Checkov is a static code analysis tool for infrastructure as code (IaC) and also a software composition analysis (SCA) tool for images and open source packages. It scans cloud infrastructure provisioned using Terraform, CloudFormation, Kubernetes, Helm, ARM Templates and Serverless framework and detects security and compliance misconfigurations.

Advertisement

Use Cases

  • IaC Security Scanning
  • DevSecOps Integration
  • Compliance Automation

Tags

iac
terraform
cloudformation
kubernetes
static-analysis

Related Tools

ScoutSuite
Multi-cloud security auditing tool for AWS, Azure, GCP, and more
Cloud Security
4.7/5.0(2,500,000 downloads)
cloud
aws
azure
View Details
Prowler
AWS security best practices assessment tool
Cloud Security
4.8/5.0(3,000,000 downloads)
aws
security-assessment
compliance
View Details
CloudMapper
AWS environment visualization and security analysis tool
Cloud Security
4.5/5.0(1,200,000 downloads)
aws
visualization
network-mapping
View Details
Community Discussion

Join the discussion! Share your thoughts, ask questions, or contribute your expertise to help the cybersecurity community.