https://adtmag.com/articles/2021/02/25/checkmarx-new-iac-scanning-engine.aspx

Software security solutions provider Checkmarx today launched a new open-source static analysis tool designed to allow developers to write more secure infrastructure-as-code (IaC). The new  KICS (Keeping Infrastructure as Code Secure) solution expands Checkmarx application security testing (AST) product line, providing a single platform for securing proprietary code, open source components, and critical infrastructure for both traditional and cloud-native applications.

IaC is the management of infrastructure in a "descriptive model" that generates the same environment every time it is applied. It emerged as a way to solve the problem of environment drift in the release pipeline, and has become is a key DevOps practice to support continuous delivery.