KICS by Checkmarx is an open-source security tool that scans Infrastructure as Code (IaC) files for vulnerabilities. It uses custom-built queries to identify security issues across various infrastructure and cloud environments. KICS is modular and extensible, allowing integration with different development workflows and tools. Its multi-stage scanning process and output formats enable organizations to proactively identify and address security vulnerabilities.
Infrastructure as code security: KICS can scan IaC files to identify security issues, such as weak access control, insecure configurations, and unpatched vulnerabilities.

Compliance: KICS can be used to ensure compliance with industry standards and regulations, such as HIPAA, PCI DSS, and GDPR. It can identify violations and provide guidance on remediation.

DevOps integration: KICS can integrate with DevOps pipelines to provide continuous security scanning of IaC files, enabling teams to address security issues earlier in the development process.

Incident response: KICS can be used to perform forensic analysis on IaC files after a security incident, identifying the root cause and providing insights into how to prevent similar incidents in the future.