---
title:      "Checkov"
ring:       assess
quadrant:   platforms-and-aoe-services

---

Checkov is a static code analysis tool for infrastructure-as-code.

It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, Kubernetes, Dockerfile, Serverless or ARM Templates and detects security and compliance misconfigurations using graph-based scanning.

At AOE we use checkov in CI/CD processes to get insights into our Terraform-Modules.