Checkov is a popular open source tool that scans cloud infrastructure configurations to find misconfigurations before they're deployed.
Security Stage | Infrastructure-as-code security scanning |
Type | Open Source |
Languages |
Docker, CloudFormation, Kubernetes, Helm, Terraform, ARM Templates, Serverless, AWS CDK. |
Site | https://www.checkov.io/ |
Pre-requisite
1 | You'll need a Git address to scan |
How do I set it up?
Adding Checkov to your set of security tests is simple.
Now any time you click 'Test Now' and select your Toolkit that includes Checkov, or make a request over the Uleska API or CLI including that Toolkit, the Checkov tool will be included in the test run and any results added to your vulnerabilities list.
Notes
None