Skip to content

Roadmap

KICS Roadmap

These are our upcoming new supports:

  • Extend Pulumi Support to .json extention
  • Populate CWE IDs in all remaining queries

Have an idea? Join the GitHub discussions or contact KICS core team at kics@checkmarx.com

Version 2.0.0 deprecated queries

QueryID Name Platform
7fdc2bf3-6bc0-4cb3-84c5-cfd041c0f892 ECS Task Definition Container With Plaintext Password Ansible
8e3063f4-b511-45c3-b030-f3b0c9131951 IAM Password Without Lowercase Letter Ansible
9cf25d62-0b96-42c8-b66d-998cd6ee5bb8 IAM Password Without Number Ansible
83957b81-39c1-4191-8e12-671d2ce14354 IAM Password Without Uppercase Letter Ansible
309edc5b-5a59-42b4-a357-d4d098311fd4 S3 Bucket SSE Disabled Ansible
1e2341ba-a5cf-4f0a-a5f6-47e90c68ea89 User Data Shell Script Is Encoded Ansible
f9b10cdb-eaab-4e39-9793-e12b94a582ad ECS Task Definition Container With Plaintext Password CloudFormation
f4cf35d6-da92-48de-ab70-57be2b2e6497 IAM Password Without Lowercase Letter CloudFormation
839f238f-2e3a-4a72-b945-8abdf91af955 IAM Password Without Number CloudFormation
d72a7869-e8b9-4e12-bcd2-e8be10b39fa7 IAM Password Without Symbol CloudFormation
445020f6-b69e-4484-847f-02d4b7768902 IAM Password Without Uppercase Letter CloudFormation
64ab651b-f5b2-4af0-8c89-ddd03c4d0e61 S3 Bucket SSE Disabled CloudFormation
4fbfee74-8186-40d5-a24e-4baa76a855de SQS Queue Policy Allows NotAction CloudFormation
4a8fc9a2-2b2f-4b3f-aa8d-401425872034 SQS Queue Policy Allows NotPrincipal CloudFormation
48c3bc58-6959-4f27-b647-4fedeace23be User Data Shell Script Is Encoded CloudFormation
5fa731ea-e844-47a6-a1e8-abc25e95847e Vulnerable OpenSSL Version Dockerfile
9d43040e-e703-4e16-8bfe-8d4da10fa7e6 Container CPU Requests Not Equal To It's Limits Kubernetes
aafa7d94-62de-4fbf-8838-b69ee217b0e6 Container Memory Requests Not Equal To It's Limits Kubernetes
aee3c7d2-a811-4201-90c7-11c028be9a46 Container Requests Not Equal To It's Limits Kubernetes
2f1a0619-b12b-48a0-825f-993bb6f01d58 Not Limited Capabilities For Container Kubernetes
70d3873e-d537-46e5-ac3b-4e48fbdd29b4 Cleartext API Key In Global Security (v2) OpenAPI
9c238c97-1991-4c0b-9c7d-6c7912e1dc7c Cleartext API Key In Global Security (v3) OpenAPI
99733b39-6413-4ed8-8acf-dc7cdc9b4e51 Cleartext API Key In Operation Security (v2) OpenAPI
d90d4e40-44c1-4125-87a0-e072c3e195b5 Cleartext API Key In Operation Security (v3) OpenAPI
de92dd34-1b88-43e8-b825-6e02d73c4549 IAM Password Without Lowercase Letter Pulumi
d40210ea-64b9-4cce-a4fb-e8604f3c062c ECS Task Definition Container With Plaintext Password Terraform
bbc7c137-6c7b-4fc4-984a-0c88e91fcaf9 IAM Password Without Lowercase Letter Terraform
7a70eed6-de3a-4da2-94da-a2bbc8fe2a48 IAM Password Without Symbol Terraform
c5ff7bc9-d8ea-46dd-81cb-8286f3222249 IAM Password Without Uppercase Letter Terraform
2acb555f-f4ad-4b1b-b984-84e6588f4b05 Not Limited Capabilities For Pod Security Policy Terraform
2bc626a8-0751-446f-975d-8139214fc790 Role Assignment Of Guest Users Terraform
6726dcc0-5ff5-459d-b473-a780bef7665c S3 Bucket SSE Disabled Terraform
9cf718ce-46f9-430e-89ec-c456f8b469ee User Data Shell Script Is Encoded Terraform