kics
Installation
SKILL.md
Checkmarx KICS (Keeping Infrastructure as Code Secure)
When to Use KICS
Ideal scenarios:
- Infrastructure as Code (IaC) security scanning
- Cloud configuration analysis (AWS, Azure, GCP, Oracle)
- Kubernetes manifest security review
- Dockerfile security hardening
- Terraform/OpenTofu security assessment
- Ansible playbook security validation
- CI/CD pipeline IaC security gates
- Compliance checking (CIS, PCI-DSS, NIST, SOC2)
Complements other tools: