Checkov
Apache-2.0 · ☁️ Cloud Recon · Python
Checkov is a static analysis tool developed by Bridgecrew (now Palo Alto Networks) that scans infrastructure-as-code files for security misconfigurations and compliance violations across Terraform, CloudFormation, Kubernetes manifests, Helm charts, ARM templates, and Serverless framework configurations. It ships with over 1,000 built-in policies covering AWS, Azure, GCP, and Kubernetes security best practices, and supports custom policies written in Python or YAML. Cloud security engineers, DevOps teams, and compliance officers use Checkov to prevent cloud misconfigurations before deployment by integrating it into CI/CD pipelines as a pre-commit or build-stage gate. The tool also scans container images and open-source package dependencies, providing a comprehensive shift-left security solution for organizations adopting infrastructure-as-code practices.
Details
- Category: ☁️ Cloud Recon
- Language: Python
- Repository: bridgecrewio/checkov
- License: Apache-2.0
- Platforms: 🐧 linux, 🍎 macos, 🪟 windows
More in Cloud Recon
- ScoutSuite (Python): Multi-cloud security auditing tool for AWS, Azure, GCP, Alibaba Cloud, and Oracle Cloud.
- CloudMapper (Python): Analyze AWS environments to create network diagrams and identify security risks.
- S3Scanner (Go): Scan for misconfigured S3 buckets across AWS regions and dump accessible contents.
- CloudBrute (Go): Cloud infrastructure enumerator to find company assets across multiple cloud providers.
- MicroBurst (PowerShell): PowerShell toolkit for attacking Azure services including storage, key vaults, and automation.
- ROADtools (Python): Framework for Azure AD enumeration and exploitation via the internal ROADrecon and ROADlib modules.