In our many years of writing and deploying infrastructure as code (IaC), we have learned that the dichotomy between writing, managing and maintaining infrastructure code, is really no different at all from managing software and application code.  However, to date, the writing through deployment (CI/CD), and long-term maintenance has looked quite different for these different parts of your codebase.

Firefly has come in to unify this concept, without requiring developers or operations teams to change any of their practices––from the code, to the tooling, workflows and practices to production management. This is because the developer experience––of both the dev and the ops––will impact the speed, efficiency, and even cost of delivery in today’s highly competitive markets and industry. We’re excited to be talking about Developer Experience for DevOps Teams at Checkmarx’ upcoming Tech Partner Technology Showcase

We’ve learned that from the moment you have your infrastructure code hosted in git, the next phase of actually automating your deployments remains equally complex as automating your software code deployments, which require the same guardrails and checkpoints to ensure your code is secure, high-quality, cost efficient and much more.

 At Firefly, we understand these challenges and are excited to launch our integration with Checkmarx's KICS, a best of breed open source infrastructure as code security tool, which will significantly improve how you govern and secure your cloud infrastructure from code to cloud.

Firefly and KICS - Better Together

Firefly provides a comprehensive view of your cloud inventory, helping you identify unmanaged assets created through manual processes, codified assets created with IaC tools like Terraform, drifted assets that have been modified manually, and even "Ghost" assets that exist only in state files or stacks. By collecting events from cloud providers on asset changes, Firefly keeps you informed of any modifications to your cloud infrastructure.  This is only one layer of where security misconfigurations or poor security hygiene can hide in your infrastructure stacks.  However, your infrastructure code is not immune to security risks.

The integration of Checkmarx's KICS into Firefly's platform takes your cloud governance to the next level with end-to-end security for your entire infrastructure stack. KICS performs static code analysis on your Infrastructure-as-Code, and will output any security vulnerabilities, misconfigurations, or other security risks  that your IaC may present to your systems. . This integration allows you to identify and address vulnerabilities early in development, reducing the risk of security breaches, data loss, outages or downtime.

The Firefly-KICS integration offers:

  1. Comprehensive IaC Cloud Coverage - KICS's capabilities extend to all your codified cloud resources, ensuring thorough security checks.
  2. Security at Every Stage - Run KICS scans on IaC pull requests, deployments, and existing cloud resources to identify and fix vulnerabilities promptly.IaC and Drift Control - Gain visibility into your IaC ecosystem, including Terraform modules, state files, and providers. Understand your IaC coverage, detect drifts, and resolve them efficiently.

Simplifying Multi-Cloud Complexity

In our recent State of IaC Report, some of the issues that still challenge engineering teams are both the complexity and security concerns of multi-cloud deployments.  With the growing number of clouds, services, tools, and languages being leveraged for both software and infrastructure, getting a grasp of the full inventory and footprint is one source of pain, and then also understanding the optimal ways to secure these stacks across clouds.

By leveraging KICS through the Firefly platform, you can apply the same guardrails to your IaC as you would your software code and automate them through your CI/CD pipelines.  It’s now possible to not only detect drift and ghost assets during your CI/CD checks with Firefly, but also for IaC misconfigurations, vulnerabilities, policy and compliance issues through KICS, and take proactive action to prevent this code from being deployed to production.  This ensures that upon any code change, your IaC will be vetted and ensure that no code is deployed with anything from hard-coded secrets, to insecure configurations, lack of encryption, or anything else that can pose risk to your systems. 

Getting Started with KICS in the Firefly Platform

With Firefly and KICS, you can set new standards in cloud management and confidently navigate the complexities of multi-cloud environments.

Start using Firefly today and take control of your cloud infrastructure, reduce complexity, and unlock the full potential of your multi-cloud environment.

Sign up for Firefly now ( and experience the benefits of improved cloud governance. With Firefly and KICS by your side, you can focus on innovating and growing your business in the cloud.