Roadmap
KICS Roadmap¶
These are our upcoming new supports:
- Extend Pulumi Support to .json extention
- Populate CWE IDs in all remaining queries
Have an idea? Join the GitHub discussions or contact KICS core team at kics@checkmarx.com
Version 2.0.0 deprecated queries¶
| QueryID | Name | Platform |
|---|---|---|
| 7fdc2bf3-6bc0-4cb3-84c5-cfd041c0f892 | ECS Task Definition Container With Plaintext Password | Ansible |
| 8e3063f4-b511-45c3-b030-f3b0c9131951 | IAM Password Without Lowercase Letter | Ansible |
| 9cf25d62-0b96-42c8-b66d-998cd6ee5bb8 | IAM Password Without Number | Ansible |
| 83957b81-39c1-4191-8e12-671d2ce14354 | IAM Password Without Uppercase Letter | Ansible |
| 309edc5b-5a59-42b4-a357-d4d098311fd4 | S3 Bucket SSE Disabled | Ansible |
| 1e2341ba-a5cf-4f0a-a5f6-47e90c68ea89 | User Data Shell Script Is Encoded | Ansible |
| f9b10cdb-eaab-4e39-9793-e12b94a582ad | ECS Task Definition Container With Plaintext Password | CloudFormation |
| f4cf35d6-da92-48de-ab70-57be2b2e6497 | IAM Password Without Lowercase Letter | CloudFormation |
| 839f238f-2e3a-4a72-b945-8abdf91af955 | IAM Password Without Number | CloudFormation |
| d72a7869-e8b9-4e12-bcd2-e8be10b39fa7 | IAM Password Without Symbol | CloudFormation |
| 445020f6-b69e-4484-847f-02d4b7768902 | IAM Password Without Uppercase Letter | CloudFormation |
| 64ab651b-f5b2-4af0-8c89-ddd03c4d0e61 | S3 Bucket SSE Disabled | CloudFormation |
| 4fbfee74-8186-40d5-a24e-4baa76a855de | SQS Queue Policy Allows NotAction | CloudFormation |
| 4a8fc9a2-2b2f-4b3f-aa8d-401425872034 | SQS Queue Policy Allows NotPrincipal | CloudFormation |
| 48c3bc58-6959-4f27-b647-4fedeace23be | User Data Shell Script Is Encoded | CloudFormation |
| 5fa731ea-e844-47a6-a1e8-abc25e95847e | Vulnerable OpenSSL Version | Dockerfile |
| 9d43040e-e703-4e16-8bfe-8d4da10fa7e6 | Container CPU Requests Not Equal To It's Limits | Kubernetes |
| aafa7d94-62de-4fbf-8838-b69ee217b0e6 | Container Memory Requests Not Equal To It's Limits | Kubernetes |
| aee3c7d2-a811-4201-90c7-11c028be9a46 | Container Requests Not Equal To It's Limits | Kubernetes |
| 2f1a0619-b12b-48a0-825f-993bb6f01d58 | Not Limited Capabilities For Container | Kubernetes |
| 70d3873e-d537-46e5-ac3b-4e48fbdd29b4 | Cleartext API Key In Global Security (v2) | OpenAPI |
| 9c238c97-1991-4c0b-9c7d-6c7912e1dc7c | Cleartext API Key In Global Security (v3) | OpenAPI |
| 99733b39-6413-4ed8-8acf-dc7cdc9b4e51 | Cleartext API Key In Operation Security (v2) | OpenAPI |
| d90d4e40-44c1-4125-87a0-e072c3e195b5 | Cleartext API Key In Operation Security (v3) | OpenAPI |
| de92dd34-1b88-43e8-b825-6e02d73c4549 | IAM Password Without Lowercase Letter | Pulumi |
| d40210ea-64b9-4cce-a4fb-e8604f3c062c | ECS Task Definition Container With Plaintext Password | Terraform |
| bbc7c137-6c7b-4fc4-984a-0c88e91fcaf9 | IAM Password Without Lowercase Letter | Terraform |
| 7a70eed6-de3a-4da2-94da-a2bbc8fe2a48 | IAM Password Without Symbol | Terraform |
| c5ff7bc9-d8ea-46dd-81cb-8286f3222249 | IAM Password Without Uppercase Letter | Terraform |
| 2acb555f-f4ad-4b1b-b984-84e6588f4b05 | Not Limited Capabilities For Pod Security Policy | Terraform |
| 2bc626a8-0751-446f-975d-8139214fc790 | Role Assignment Of Guest Users | Terraform |
| 6726dcc0-5ff5-459d-b473-a780bef7665c | S3 Bucket SSE Disabled | Terraform |
| 9cf718ce-46f9-430e-89ec-c456f8b469ee | User Data Shell Script Is Encoded | Terraform |