IaC Security
CHECKMARX IaC SECURITY: GET SCALABLE, PLATFORMED INFRASTRUCTURE AS CODE SCANNING
Checkmarx IaC Security simplifies code analysis of IaC files and correlates findings with the Checkmarx One AppSec Platform™

SEE CHECKMARX IaC SECURITY IN ACTION


Experience IaC Security as part of our AppSec platform
Automatically hunt down insecure configurations that could expose your applications, data, or services to attack, and get a better visual understanding of scan results through the Checkmarx One platform.
Visualize and manage IaC scan results
Manage the status of the scan findings and view/change/manipulate/triage results easily. Your team can write and deploy IaC files safely because you can then vet them before rolling them out.
IaC Security as a service
Trigger scans and get results through Checkmarx One, or make IaC scans a step in the CI/CD pipeline to trigger scans. Get a fast, scalable solution that makes IaC scanning a frictionless part of your existing workflows.
Correlate findings across other scan engines
Uses Checkmarx Fusion to correlate your IaC scan results with findings from other scan engines, making it clear which issues to prioritize. No more juggling an avalanche of alerts trying to figure out which ones matter.


Broad coverage enables seamless IaC security
Finds vulnerabilities, compliance issues, and misconfigurations in IaC solutions like Terraform, Kubernetes, Docker, AWS CloudFormation, Ansible, Helm, Google Deployment Manager, AWS SAM, Microsoft ARM, and OpenAPI 3.0 specifications with over 2,000 customizable queries.
Connect with GitHub, GitLab, Jira, and more
Includes native integrations with popular repos like GitHub and GitLab, and feedback solutions such as Jira, which enables the ability to create a ticket to manage scan results in GitHub, for example.
Since we launched Fusion, organizations are now able to visualize their security risk and take measures to remediate issues fast.



Customer value