Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7009 from Checkmarx/update-docs-roadmap
update(docs): v2.0.0 docs update
Showing 3 changed files with 57 additions and 101 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,108 +1,51 @@ | ||
## KICS Roadmap | ||
|
||
These are our upcoming features: | ||
These are our upcoming new supports: | ||
|
||
- Bicep | ||
- Terraform: Databricks (by default) | ||
- Terraform: NifCloud (by default) | ||
- Terraform: TencentCloud (by default) | ||
- Extend Pulumi Support to .json extention | ||
|
||
- Add new BoM resources: | ||
- AWS Aurora | ||
- AWS DynamoDB | ||
- AWS RDS | ||
- BoM for Serverless Framework | ||
- Support Windows Containers | ||
|
||
Have an idea? | ||
Join the <a href="https://github.com/Checkmarx/kics/discussions" target="_blank">GitHub discussions</a> or contact KICS core team at [kics@checkmarx.com](mailto:kics@checkmarx.com) | ||
|
||
--- | ||
|
||
## Completed Features | ||
## Version 2.0.0 deprecated queries | ||
|
||
| Release | Feature | | ||
| ------------------ | ----------------------------------------------------------------------------------------- | | ||
| **September 2022** | | ||
| v1.6.0 | Support new technologies: Pulumi, Serverless Framework, Crossplane and Knative | | ||
| v1.6.0 | Kuberneter (dynamic gathering and scan of Kubernetes cluster data through Kubernetes API) | | ||
| **April 2022** | | ||
| v1.5.6 | Support REST API to execute KICS scan | | ||
| v1.5.6 | Support REST API to get KICS scan results | | ||
| v1.5.6 | Support Cloudformation BOM | | ||
| **March 2022** | | ||
| v1.5.5 | Kubelet Configuration Support | | ||
| v1.5.5 | Display how many lines of IaC were parsed/scanned (in LOGS) | | ||
| v1.5.5 | Docker compose analyzer support | | ||
| v1.5.4 | Gitlab KICS added Features - Analyse Merge Requests | | ||
| v1.5.3 | Support multi-staged Docker queries | | ||
| **February 2022** | | ||
| v1.5.2 | Terraformer integration with AZURE | | ||
| v1.5.2 | Terraformer integration with GCP | | ||
| v1.5.2 | Multiple paths for queries | | ||
| v1.5.1 | Cloud Development Kit for Terraform support | | ||
| **January 2022** | | ||
| v1.5.0 | Terraformer integration with AWS | | ||
| v1.5.0 | AWS Serverless Application Model support | | ||
| v1.5.0 | ASFF report | | ||
| **December 2021** | | ||
| v1.4.9 | Google Deployment Manager support | | ||
| v1.4.9 | gRPC support | | ||
| v1.4.9 | CycloneDX SBOM report | | ||
| v1.4.9 | JUnit report | | ||
| **November 2021** | | ||
| v1.4.8 | Pre-commit hooks integration | | ||
| v1.4.8 | SonarQube report | | ||
| v1.4.7 | Parsers ignore comment by line | | ||
| v1.4.7 | MegaLinter integration | | ||
| **October 2021** | | ||
| v1.4.6 | Terraform Cloud integration | | ||
| v1.4.5 | Azure Blueprints support | | ||
| v1.4.5 | Bill-of-Material for cloud-resources generation (--bom option) | | ||
| v1.4.5 | Terraform plan support | | ||
| **September 2021** | | ||
| v1.4.4 | Terraform verified modules support | | ||
| v1.4.3 | Passwords and Secrets mechanism | | ||
| v1.4.3 | --disable-secrets and --secrets-regexes-path option | | ||
| v1.4.3 | TravisCI integration example | | ||
| v1.4.2 | --exclude-severities and --libraries-path option | | ||
| **August 2021** | | ||
| v1.4.1 | Ignore/disable/enable feature on commented files | | ||
| v1.4.0 | Azure Resource Manager support | | ||
| v1.4.0 | Terraform functions | | ||
| v1.4.0 | CIS descriptions | | ||
| **July 2021** | | ||
| v1.3.5 | --input-data option | | ||
| v1.3.5 | Improved documentation | | ||
| **June 2021** | | ||
| v1.3.3 | PDF report | | ||
| v1.3.2 | Gitlab SAST report | | ||
| v1.3.2 | Improved HTML report (path, platform, start/end times) | | ||
| **May 2021** | | ||
| v1.3.0 | Improved performance (sample filtering and parallel scans) | | ||
| v1.3.0 | Improved Logs (CPU, RAM outputs) | | ||
| v1.3.0 | Jenkinsfile documentation and examples | | ||
| v1.3.0 | CircleCI integration example | | ||
| **April 2021** | | ||
| v1.2.4 | Added Open API 3.0 support | | ||
| v1.2.4 | Distribution platforms: Homebrew | | ||
| v1.2.2 | Terraform - Parameters files support | | ||
| **March 2021** | | ||
| v1.2.1 | Helm support | | ||
| v1.2.1 | Reporting - add HTML format | | ||
| v1.2.0 | Documentation - Queries catalog | | ||
| v1.2.0 | Reporting - add SARIF format | | ||
| v1.2.0 | Improved CLI outputs (progess, coloring, logo) | | ||
| v1.2.0 | Engineering and performance improvements | | ||
| **February 2021** | | ||
| v1.1.4 | CI/CD improved documentation | | ||
| v1.1.3 | Mac support | | ||
| v1.1.3 | Hard-coded secret keys detection | | ||
| **January 2021** | | ||
| v1.1.1 | Adding more queries and extending coverage | | ||
| v1.1.1 | Adding more CI/CD integrations | | ||
| v1.1.1 | Engineering and performance improvements | | ||
| **December 2020** | | ||
| v1.1.0 | K8S support | | ||
| v1.1.0 | Docker support | | ||
| v1.1.0 | Ansible support | | ||
| v1.1.0 | AWS CloudFormation support | | ||
| **November 2020** | | ||
| v1.0.0 | First version of KICS engine | | ||
| v1.0.0 | Terraform support, 50 queries | | ||
| v1.0.0 | Delivery: CLI & Docker | | ||
| QueryID |Name|Platform| | ||
|-----------------------------|---|---| | ||
|7fdc2bf3-6bc0-4cb3-84c5-cfd041c0f892|ECS Task Definition Container With Plaintext Password|Ansible| | ||
|8e3063f4-b511-45c3-b030-f3b0c9131951|IAM Password Without Lowercase Letter|Ansible| | ||
|9cf25d62-0b96-42c8-b66d-998cd6ee5bb8|IAM Password Without Number|Ansible| | ||
|83957b81-39c1-4191-8e12-671d2ce14354|IAM Password Without Uppercase Letter|Ansible| | ||
|309edc5b-5a59-42b4-a357-d4d098311fd4|S3 Bucket SSE Disabled|Ansible| | ||
|1e2341ba-a5cf-4f0a-a5f6-47e90c68ea89|User Data Shell Script Is Encoded|Ansible| | ||
|f9b10cdb-eaab-4e39-9793-e12b94a582ad|ECS Task Definition Container With Plaintext Password|CloudFormation| | ||
|f4cf35d6-da92-48de-ab70-57be2b2e6497|IAM Password Without Lowercase Letter|CloudFormation| | ||
|839f238f-2e3a-4a72-b945-8abdf91af955|IAM Password Without Number|CloudFormation| | ||
|d72a7869-e8b9-4e12-bcd2-e8be10b39fa7|IAM Password Without Symbol|CloudFormation| | ||
|445020f6-b69e-4484-847f-02d4b7768902|IAM Password Without Uppercase Letter|CloudFormation| | ||
|64ab651b-f5b2-4af0-8c89-ddd03c4d0e61|S3 Bucket SSE Disabled|CloudFormation| | ||
|4fbfee74-8186-40d5-a24e-4baa76a855de|SQS Queue Policy Allows NotAction|CloudFormation| | ||
|4a8fc9a2-2b2f-4b3f-aa8d-401425872034|SQS Queue Policy Allows NotPrincipal|CloudFormation| | ||
|48c3bc58-6959-4f27-b647-4fedeace23be|User Data Shell Script Is Encoded|CloudFormation| | ||
|5fa731ea-e844-47a6-a1e8-abc25e95847e|Vulnerable OpenSSL Version|Dockerfile| | ||
|9d43040e-e703-4e16-8bfe-8d4da10fa7e6|Container CPU Requests Not Equal To It's Limits|Kubernetes| | ||
|aafa7d94-62de-4fbf-8838-b69ee217b0e6|Container Memory Requests Not Equal To It's Limits|Kubernetes| | ||
|aee3c7d2-a811-4201-90c7-11c028be9a46|Container Requests Not Equal To It's Limits|Kubernetes| | ||
|2f1a0619-b12b-48a0-825f-993bb6f01d58|Not Limited Capabilities For Container|Kubernetes| | ||
|70d3873e-d537-46e5-ac3b-4e48fbdd29b4|Cleartext API Key In Global Security (v2)|OpenAPI| | ||
|9c238c97-1991-4c0b-9c7d-6c7912e1dc7c|Cleartext API Key In Global Security (v3)|OpenAPI| | ||
|99733b39-6413-4ed8-8acf-dc7cdc9b4e51|Cleartext API Key In Operation Security (v2)|OpenAPI| | ||
|d90d4e40-44c1-4125-87a0-e072c3e195b5|Cleartext API Key In Operation Security (v3)|OpenAPI| | ||
|de92dd34-1b88-43e8-b825-6e02d73c4549|IAM Password Without Lowercase Letter|Pulumi| | ||
|d40210ea-64b9-4cce-a4fb-e8604f3c062c|ECS Task Definition Container With Plaintext Password|Terraform| | ||
|bbc7c137-6c7b-4fc4-984a-0c88e91fcaf9|IAM Password Without Lowercase Letter|Terraform| | ||
|7a70eed6-de3a-4da2-94da-a2bbc8fe2a48|IAM Password Without Symbol|Terraform| | ||
|c5ff7bc9-d8ea-46dd-81cb-8286f3222249|IAM Password Without Uppercase Letter|Terraform| | ||
|2acb555f-f4ad-4b1b-b984-84e6588f4b05|Not Limited Capabilities For Pod Security Policy|Terraform| | ||
|2bc626a8-0751-446f-975d-8139214fc790|Role Assignment Of Guest Users|Terraform| | ||
|6726dcc0-5ff5-459d-b473-a780bef7665c|S3 Bucket SSE Disabled|Terraform| | ||
|9cf718ce-46f9-430e-89ec-c456f8b469ee|User Data Shell Script Is Encoded|Terraform| |
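Review bot: The new "Version 2.0.0 deprecated queries" table lists only QueryID, Name and Platform, so a reader who pins or excludes one of these IDs in a scan configuration cannot tell from this page why the query was dropped or which query, if any, now covers the same finding (for example "S3 Bucket SSE Disabled" or "ECS Task Definition Container With Plaintext Password"). Consider adding a "Replaced by / Reason" column, or a sentence above the table saying what happens when a deprecated ID is still referenced. The list is also uneven across platforms: "IAM Password Without Number" appears for Ansible and CloudFormation but not Terraform, and "IAM Password Without Symbol" appears for CloudFormation and Terraform but not Ansible; please confirm that is intentional. The same hunk removes the whole "Completed Features" release history without pointing to where it now lives, so a link to the changelog or releases page would keep that information reachable. Two wording nits in the roadmap list: "These are our upcoming new supports:" reads awkwardly (the removed "upcoming features" was clearer), and "Extend Pulumi Support to .json extention" should be "extension".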