What is the pricing for cfn-nag?

cfn-nag is a free Cloud Security tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/stelligent/cfn_nag/ for download and installation instructions.

What are alternatives to cfn-nag?

Popular alternatives to cfn-nag include: 1. Stacklet Autonomous Governance - AI-native cloud governance platform for cost optimization and compliance (Commercial) 2. TrustOnCloud Comprehensive Threat Research - Cloud service threat research & control library for AWS, Azure, and GCP (Commercial) 3. Opscompass Cloud & Database Asset Intelligence - Cloud & database asset intelligence platform for visibility & compliance (Commercial) 4. Cloudlytics Cloud-Driven Security - Cloud security platform for compliance, event analytics, and asset monitoring (Commercial) 5. Wowrack Cloud Solutions - Global cloud infrastructure and managed IT services provider (Commercial) Compare these tools and more at https://cybersectools.com/categories/cloud-security

Who should use cfn-nag?

cfn-nag is for security teams and organizations that need IAM, Automation, Cloud Security, Security Scanning, DEVSECOPS. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Cloud Security tools can be found at https://cybersectools.com/categories/cloud-security

cfn-nag

cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.

1,288

Cloud Security Open Source

Visit website

Claim and verify your listing

cfn-nag

cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.

Cloud Security•Cloud Security Posture Management

Open Source

Iam Automation Cloud Security

1,288stars

GitHub Stars

07 Jun

Last commit

Visit Website

Claim and verify your listing

Updated 30 Dec 25

Nikoloz Kokhreidze

Founder & Fractional CISO

Not sure if cfn-nag is right for your team?

Book a 60-minute strategy call with Nikoloz. You will get a clear roadmap to evaluate products and make a decision.

→Align tool selection with your actual business goals

→Right-sized for your stage (not enterprise bloat)

→Not 47 options, exactly 3 that fit your needs

→Stop researching, start deciding

→Questions that reveal if the tool actually works

→Most companies never ask these

→The costs vendors hide in contracts

→How to uncover real Total Cost of Ownerhship before signing

Book Session

cfn-nag Description

cfn-nag is a static analysis tool designed to scan AWS CloudFormation templates for security vulnerabilities and misconfigurations. The tool identifies various insecure infrastructure patterns including: - Overly permissive IAM policies and rules - Insecure security group configurations - Missing access logging configurations - Lack of encryption settings - Hardcoded password literals in templates cfn-nag can be installed through multiple package managers including gem and brew, making it accessible across different development environments. The tool supports integration with AWS CodePipeline, enabling automated security scanning as part of continuous integration and deployment workflows. The scanner analyzes CloudFormation template files and provides detailed reports highlighting potential security issues, helping developers and DevOps teams identify and remediate infrastructure security problems before deployment.

cfn-nag Description

cfn-nag FAQ

Common questions about cfn-nag including features, pricing, alternatives, and user reviews.

cfn-nag is cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.. It is a Cloud Security solution designed to help security teams with IAM, Automation, Cloud Security.

Have more questions? Browse our categories or search for specific tools.