kapitan-reference VS checkov

Compare kapitan-reference vs checkov and see what are their differences.


Reference structure for Kapitan - alpha version (by kapicorp)


Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew. (by bridgecrewio)
Our great sponsors
  • Sonar - Write Clean Python Code. Always.
  • InfluxDB - Access the most powerful time series database as a service
  • SaaSHub - Software Alternatives and Reviews
kapitan-reference checkov
2 48
40 5,627
- 1.9%
4.0 10.0
about 1 month ago 6 days ago
Python Python
- Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.


Posts with mentions or reviews of kapitan-reference. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-01-19.


Posts with mentions or reviews of checkov. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-03-21.

What are some alternatives?

When comparing kapitan-reference and checkov you can also consider the following projects:

tfsec - Security scanner for your Terraform code [Moved to: https://github.com/aquasecurity/tfsec]

tflint - A Pluggable Terraform Linter

trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

OPA (Open Policy Agent) - An open source, general-purpose policy engine.

terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

terraform-security-scan - Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec

cfn_nag - Linting tool for CloudFormation templates

terratest - Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.

kics - Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

tfsec - Security scanner for your Terraform code

atlantis - Terraform Pull Request Automation

conftest - Write tests against structured configuration data using the Open Policy Agent Rego query language