Join us

ContentUpdates and recent posts about checkov..
Discovery IconThat's all about @checkov — explore more posts below...
 Activity
roock
@roock started using tool Terraform , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool Python , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool Puppet , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool PostgreSQL , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool NixOs , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool Nginx , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool HAProxy , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool GitLab CI/CD , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool GitLab , 1 day, 3 hours ago.
 Activity
roock
@roock started using tool Debian , 1 day, 3 hours ago.
Checkov, created by Bridgecrew (now part of Palo Alto Networks), is an open source policy-as-code scanner for infrastructure-as-code frameworks. It analyzes Terraform, Kubernetes manifests, CloudFormation, Serverless, ARM, Docker, and other IaC formats to detect security, compliance, and configuration issues. Checkov uses a large library of built-in policies mapped to standards like CIS, PCI, SOC2, and NIST, and supports custom policies written in Python or YAML. It integrates seamlessly with CI pipelines, Git repos, and developer workflows, helping teams enforce secure-by-default cloud configurations before deployment. Its coverage, speed, and extensibility make it a flagship tool in cloud DevSecOps.