Checkov
Open-source IaC security scanner for Terraform, CloudFormation, and Kubernetes
Checkov is an open-source static analysis tool from Bridgecrew (Palo Alto Networks) that scans infrastructure-as-code files for security and compliance misconfigurations before deployment. It supports Terraform, CloudFormation, Kubernetes manifests, Dockerfiles, and ARM templates, checking them against 1000+ built-in policies covering CIS Benchmarks, HIPAA, GDPR, and PCI-DSS. Checkov integrates into CI pipelines to catch misconfigured S3 buckets, overly permissive IAM roles, and unencrypted databases at commit time.
Key Features
- 1000+ security policies
- Terraform/CloudFormation/K8s
- CIS/HIPAA/PCI compliance
- CI/CD integration
- Custom policies
- Open source
Quick Info
- Category: Security
- Pricing: Free
More Security Tools
- Darktrace (Security): AI-powered cybersecurity platform that uses self-learning AI to detect and autonomously respond to cyber threats in real time.
- CrowdStrike Charlotte AI (Security): CrowdStrike's generative AI security analyst that answers threat questions, investigates incidents, and accelerates response.
- Vectra AI (Security): AI-driven threat detection and response platform that identifies attacker behavior across hybrid and multi-cloud environments.
- Recorded Future AI (Security): AI-powered threat intelligence platform