Checkov uses a common command line interface to manage and analyze infrastructure as code (IaC) scan results across platforms such as Terraform, CloudFormation, Kubernetes, Helm, …

Checkov is a static code analysis tool for scanning infrastructure as code (IaC) files for misconfigurations that may lead to security or compliance problems. Checkov includes more …

This Quick Start guide shows how to install Checkov, run a scan, and analyze the results. For more advanced configuration, see the CLI Reference and the rest of this documentation.

In general, it is not recommended to use Alpine with larger Python projects, like Checkov, because of incompatible C extensions. Currently, Checkov can only be installed on Alpine with …

If you have modules stored in a private repository or a private Terraform registry (hosted on Terraform Cloud, Terraform Enterprise or a third-party provider like GitLab), you can grant …

With Checkov you can scan a repository, branch, folder, or a single file with attribute-based misconfigurations or connection state errors. See CLI Command Reference.

Note: This is a subset of environment variables that we believe will be particularly helpful to users of Checkov. For more options, you can explore Checkov’s codebase—such as this example …

You can also apply sophisticated logic to multiple conditions within a Custom Policy. Check out our custom policy examples. After creating tests for your custom policies, you can contribute …

Environment Variables To enrich Prisma Cloud’s context with CI/CD systems data, we strongly recommend that Checkov uses environment variables.

Quick start Overview Integrations Checkov Documentation 1.Welcome What is Checkov? Terms and Concepts