FreeVisit Website
TL;DR - Checkov
- Free open-source infrastructure-as-code security scanner by Bridgecrew (Prisma Cloud)
- 1000+ built-in policies for Terraform, CloudFormation, Kubernetes, and Dockerfile
- Graph-based scanning for CIS, NIST, HIPAA, GDPR compliance with CI/CD integration
Pricing: Free forever
Best for: Individuals & startups
Score: 70/100
Pros & Cons
Pros
- IaC security scanning
- Many frameworks
- Open source
- Policy as code
- CI/CD integration
Cons
- False positives
- Learning curve
- Output verbose
- Custom policies complex
- Documentation gaps
Key Features
IaC scanningPolicy as codeMulti-frameworkCI/CD integrationCustom policiesOpen source
Pricing Plans
Open Source
Free
- 750+ built-in policies
- CIS, PCI, HIPAA compliance
- Custom policies (Python/YAML)
- CLI and VS Code extension
- CI/CD integration
- Free forever
Prisma Cloud
Contact sales
- All open source features
- Runtime scanning
- Pull request annotations
- Repository badges
- Compliance reports
- Enterprise support
About Checkov
By Toolradar Team·
Checkov is an open-source static analysis tool for infrastructure as code. Scan Terraform, CloudFormation, Kubernetes, and Dockerfiles for security and compliance issues. 1,000+ built-in policies cover common misconfigurations. Custom policies extend coverage to your organization's requirements. Integrates with CI/CD pipelines to prevent insecure infrastructure. Shift security left by catching issues before they reach production.
Reviews
No reviews yet. Be the first to review Checkov!
Best Checkov Alternatives
Top alternatives based on features, pricing, and user needs.
Explore More
Checkov FAQ
What is Checkov?
Checkov scans infrastructure as code (Terraform, CloudFormation, Kubernetes, etc.) for security misconfigurations before deployment.
Is Checkov free?
Yes, Checkov is completely free and open-source under the Apache 2.0 license, developed by Bridgecrew/Palo Alto.
What IaC does Checkov support?
Checkov supports Terraform, CloudFormation, Kubernetes, Helm, ARM templates, Serverless Framework, and more.
Source: checkov.io