From dcf2c2187f382ed0331d2d933b0992446397a681 Mon Sep 17 00:00:00 2001 From: Lior Kaplan Date: Thu, 24 Jun 2021 13:04:43 +0300 Subject: [PATCH] Add KICS (Keeping Infrastructure as Code Secure) An infrastructure-as-code scanning tool by Checkmarx to find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development process --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 6c4bf2b..8e3f89a 100644 --- a/README.md +++ b/README.md @@ -302,6 +302,7 @@ _Source:_ [What is Docker](https://www.docker.com/why-docker) - [docker-bench-security](https://github.com/docker/docker-bench-security) - script that checks for dozens of common best-practices around deploying Docker containers in production. By [@docker][docker] - [docker-explorer](https://github.com/google/docker-explorer) - A tool to help forensicate offline docker acquisitions by [@Google][google] - [docker-lock](https://github.com/safe-waters/docker-lock) - A cli-plugin for docker to automatically manage image digests by tracking them in a separate Lockfile. By [@safe-waters][safe-waters] +- [KICS](https://github.com/checkmarx/kics) - an infrastructure-as-code scanning tool, find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle. Can be extended for additional policies. By [Checkmarx](https://github.com/Checkmarx) - [notary](https://github.com/theupdateframework/notary) - a server and a client for running and interacting with trusted collections. By [@TUF](https://github.com/theupdateframework) - [oscap-docker](https://github.com/OpenSCAP/openscap) - OpenSCAP provides oscap-docker tool which is used to scan Docker containers and images. By [OpenSCAP](https://github.com/OpenSCAP) - [Phonito Security](https://phonito.io/?b=b) :heavy_dollar_sign: - a Docker vulnerability scanner with constant Kubernetes monitoring and pipeline integration.