TL;DR - Checkov
- Free open-source infrastructure-as-code security scanner by Bridgecrew (Prisma Cloud)
- 1000+ built-in policies for Terraform, CloudFormation, Kubernetes, and Dockerfile
- Graph-based scanning for CIS, NIST, HIPAA, GDPR compliance with CI/CD integration
Pricing: Free forever
Best for: Individuals & startups
Score: 70/100
Pricing
Free
Checkov is completely free to use with no hidden costs.
About Checkov
Checkov is an open-source static analysis tool for infrastructure as code to prevent misconfigurations.
Reviews
No reviews yet. Be the first to review Checkov!
Write a ReviewExplore More
Checkov FAQ
Checkov scans infrastructure as code (Terraform, CloudFormation, Kubernetes, etc.) for security misconfigurations before deployment.
Yes, Checkov is completely free and open-source under the Apache 2.0 license, developed by Bridgecrew/Palo Alto.
Checkov supports Terraform, CloudFormation, Kubernetes, Helm, ARM templates, Serverless Framework, and more.