Glossary

KICS

The Checkmarx infrastructure-as-code engine (aptly named KICS for Keeping Infrastructure as Code Secure) finds security vulnerabilities, compliance issues, and infrastructure misconfigurations in following Infrastructure as Code technologies: Terraform, Kubernetes, Docker, AWS CloudFormation, and Ansible. As the engine is capable of analyzing any JSON, XML and YML files, support of new configurations requires adding queries, and do not require any engine modification. From day one the KICS has been built for extensibility. First, it includes over 1000 fully customizable and adjustable heuristics rules, called queries. These can be easily edited, extended, and added. Second, its robust but yet simple architecture allows quick addition of support for new Infrastructure as Code solutions.