Author: Mike Smythe

Integrating security scanning into infrastructure as code (IaC) allows detecting misconfigurations early in development. This post explores using the KICS plugin from Checkmarx with AWS CDK. Learn how KICS performs static code analysis to find vulnerabilities and compliance issues in IaC and scans the CDK code to report findings, failing the command for high-severity issues. This shifts security left, mitigating risks in deployed infrastructure.