What is the pricing for cfn-nag?

cfn-nag is a free Application Security tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/stelligent/cfn_nag/ for download and installation instructions.

What are alternatives to cfn-nag?

Popular alternatives to cfn-nag include: 1. DeepSource IaC Security - IaC security scanner that detects misconfigurations in infrastructure code (Commercial) 2. Meterian ISAAC - IaC scanner detecting misconfigs, vulnerabilities & policy violations in templates. (Commercial) 3. KICS - KICS is an open-source Infrastructure as Code security scanner that detects vulnerabilities and misconfigurations through customizable queries and integrates with CI/CD pipelines. (Free) 4. detect-secrets - A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems. (Free) 5. Snyk Infrastructure as Code - Scans IaC files for misconfigurations before deployment to production. (Commercial) Compare these tools and more at https://cybersectools.com/categories/application-security

Who should use cfn-nag?

cfn-nag is for security teams and organizations that need Security Scanning, DEVSECOPS, AWS, Infrastructure As Code, CI/CD. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Application Security tools can be found at https://cybersectools.com/categories/application-security

What is the pricing for cfn-nag?

cfn-nag is a free Application Security tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/stelligent/cfn_nag/ for download and installation instructions.

What are alternatives to cfn-nag?

Popular alternatives to cfn-nag include: 1. DeepSource IaC Security - IaC security scanner that detects misconfigurations in infrastructure code (Commercial) 2. Meterian ISAAC - IaC scanner detecting misconfigs, vulnerabilities & policy violations in templates. (Commercial) 3. KICS - KICS is an open-source Infrastructure as Code security scanner that detects vulnerabilities and misconfigurations through customizable queries and integrates with CI/CD pipelines. (Free) 4. detect-secrets - A pre-commit security tool that scans source code repositories to detect and prevent secrets like API keys, passwords, and credentials from being committed to version control systems. (Free) 5. Snyk Infrastructure as Code - Scans IaC files for misconfigurations before deployment to production. (Commercial) Compare these tools and more at https://cybersectools.com/categories/application-security

Who should use cfn-nag?

cfn-nag is for security teams and organizations that need Security Scanning, DEVSECOPS, AWS, Infrastructure As Code, CI/CD. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Application Security tools can be found at https://cybersectools.com/categories/application-security

cfn-nag

cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.

1,288

Application Security Open Source

Security Scanning Devsecops Aws Infrastructure As Code+1

Visit website

Compare

cfn-nag

cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.

Application Security•Static Application Security Testing

Open Source

Security Scanning Devsecops Aws Infrastructure As Code Ci Cd

1,288stars

GitHub Stars

07 Jun

Last commit

Visit Website

Updated 14 Mar 26

Compare

Explore Application Security 46 Alternatives Compare Stacks Market Map Explore All Tools

MCPThe entire cybersecurity market, one prompt awayTry MCP Access

cfn-nag Description

cfn-nag is a static analysis tool designed to scan AWS CloudFormation templates for security vulnerabilities and misconfigurations. The tool identifies various insecure infrastructure patterns including: - Overly permissive IAM policies and rules - Insecure security group configurations - Missing access logging configurations - Lack of encryption settings - Hardcoded password literals in templates cfn-nag can be installed through multiple package managers including gem and brew, making it accessible across different development environments. The tool supports integration with AWS CodePipeline, enabling automated security scanning as part of continuous integration and deployment workflows. The scanner analyzes CloudFormation template files and provides detailed reports highlighting potential security issues, helping developers and DevOps teams identify and remediate infrastructure security problems before deployment.

cfn-nag Description

cfn-nag FAQ

Common questions about cfn-nag including features, pricing, alternatives, and user reviews.

cfn-nag is cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.. It is a Application Security solution designed to help security teams with Security Scanning, DEVSECOPS, AWS.

Have more questions? Browse our categories or search for specific tools.

cfn-nag

cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.

1,288

Application Security Open Source

Security Scanning Devsecops Aws Infrastructure As Code+1

Visit website

Compare

cfn-nag

cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.

Application Security•Static Application Security Testing

Open Source

Security Scanning Devsecops Aws Infrastructure As Code Ci Cd

1,288stars

GitHub Stars

07 Jun

Last commit

Visit Website

Updated 14 Mar 26

Compare