kics

The premium Open Source alternative to Snyk IaC

🎯 Best for: Security-conscious developers shifting security left in the CI/CD pipeline.
Stars: 2.6k
License: Apache-2.0

What is kics?

kics replaces proprietary IaC scanners with an extensible static analysis engine. It detects over 2,000 security misconfigurations in Terraform, Kubernetes, and Docker templates.

Tech Stack
Open Policy Agent, Testing & QA

Why kics?

  • Extensive library of security queries
  • Supports multiple IaC languages
  • Fast execution in local environments

Limitations

  • High false-positive rate initially
  • Complex custom query syntax (Rego)
  • Large binary size

Last Update: 3/3/2026
Forks: 361
Issues: 269
Financial Leak Detected

Stop the "SaaS Tax"

Your team could be burning cash. Switching to kics instantly boosts your runway.

Competitor Cost: -$1,440 / year (est. based on Snyk IaC)
Self-Hosted: $0 / year
Team Size: 10 Users
SAVE 100%
