Checkov Logo

Checkov

0
Free
Updated 11 March 2025
Application Security
Cloud Security
Compliance
Infrastructure As Code
Security Audit
Visit Website

Checkov is a static code analysis tool for infrastructure as code (IaC) and software composition analysis (SCA). It scans cloud infrastructure provisioned using various tools like Terraform, Cloudformation, Kubernetes, Dockerfile, and more to detect security and compliance misconfigurations. It also performs Software Composition Analysis (SCA) scanning for open source packages and images to identify Common Vulnerabilities and Exposures (CVEs). Checkov powers Prisma Cloud Application Security, a platform that streamlines cloud security throughout the development lifecycle by identifying, fixing, and preventing misconfigurations in cloud resources and infrastructure-as-code files.

FEATURES

EXPLORE BY TAGS

Cloud Security

Compliance

Infrastructure As Code

Security Audit

SIMILAR TOOLS

diff-gui Logo
diff-gui

A web-based tool for instrumenting and analyzing Android applications using Flask, Jinja, and Redis.

Free
Application Security
Oralyzer Logo
Oralyzer

Open Redirection Analyzer

Free
Application Security
timing_attack Logo
timing_attack

A tool to profile web applications based on response time discrepancies.

Free
Application Security
Redirecting Logo
Redirecting

A tool for redirecting HTTP and HTTPS requests to other URLs.

Free
Application Security
cwe_checker Logo
cwe_checker

cwe_checker is a suite of checks to detect common bug classes in ELF binaries using Ghidra for firmware analysis.

Free
Application Security
Bearer CLI Logo
Bearer CLI

Static application security testing (SAST) tool for scanning source code against security and privacy risks.

Free
Application Security
Damn Small Vulnerable Web Logo
Damn Small Vulnerable Web

Deliberately vulnerable web application for educational purposes.

Free
Application Security
Acunetix Vulnerability Scanner Logo
Acunetix Vulnerability Scanner

A comprehensive web application security testing solution that offers built-in vulnerability assessment and management, as well as integration options with popular software development tools.

Free
Application Security
Hackazon Logo
Hackazon

Hackazon is a free, vulnerable test site with an online storefront to train and test IT security professionals on various vulnerabilities like SQL Injection and cross-site scripting.

Free
Application Security

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy