kapitan-reference VS checkov

Compare kapitan-reference vs checkov and see what are their differences.


Reference structure for Kapitan - alpha version (by kapicorp)


Prevent cloud misconfigurations during build-time for Terraform, CloudFormation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew. (by bridgecrewio)
Our great sponsors
  • SonarQube - Static code analysis for 29 languages.
  • Scout APM - Less time debugging, more time building
  • SaaSHub - Software Alternatives and Reviews
kapitan-reference checkov
2 25
34 4,215
- 6.2%
5.5 10.0
about 1 month ago 3 days ago
Python Python
- Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.


Posts with mentions or reviews of kapitan-reference. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-01-19.


Posts with mentions or reviews of checkov. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2022-05-15.

What are some alternatives?

When comparing kapitan-reference and checkov you can also consider the following projects:

tfsec - Security scanner for your Terraform code [Moved to: https://github.com/aquasecurity/tfsec]

terraform-security-scan - Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec

terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

trivy - Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues and hard-coded secrets

tflint - A Pluggable Terraform Linter

terratest - Terratest is a Go library that makes it easier to write automated tests for your infrastructure code.

atlantis - Terraform Pull Request Automation

tfsec - Security scanner for your Terraform code

cfn_nag - Linting tool for CloudFormation templates

inspec - InSpec: Auditing and Testing Framework

driftctl - Detect, track and alert on infrastructure drift

conftest - Write tests against structured configuration data using the Open Policy Agent Rego query language