Checkov enables developer-first CI/CD security with new supply chain security policies
Learn how you can embed CI/CD best practices into your existing DevOps workflows with Checkov’s new CI/CD security policies.
How to prevent the 5 most common software supply chain weaknesses
Learn the basics of software supply chain security and 7 best practices to protect yourself against common software supply chain weaknesses.
Checkov 2.1 roundup: Expanding into AppSec, supply chain security, and more
Checkov 2.1 is packed with scanning support for new IaC frameworks, expanded supply chain and AppSec use cases, and more.
Scaling in the cloud? IaC and DevSecOps are here to help
Learn how IaC and DevSecOps best practices can make working at scale in the cloud more agile, efficient, simple, and secure.
Introducing Development Pipelines: Prioritize and secure high-risk repos and code
Learn how to prioritize security issues across all your repositories and code reviews with Bridgecrew’s Development Pipeline screen.
Crawl, walk, run: Operationalizing your IaC security program
Learn how to operationalize your infrastructure as code security program with our rollout timeline and guidance for your first ninety days.
A primer on secure DevOps: Learn the benefits of these 3 DevSecOps use cases
Learn best practices and benefits of taking a DevSecOps approach to AppSec, IaC security, and software supply chain security.
Announcing new scanning support for Bicep templates with Checkov and Bridgecrew
Bridgecrew and Checkov now support scanning Bicep templates for misconfigurations! See how you can scan your IaC files and compare them against Azure security best practices.
How to adopt infrastructure as code with a secure-by-default strategy
Learn about challenges with building a secure IaC strategy. Here are seven tips to help you build a security-first IaC strategy.
5 ways K8s apps are vulnerable to supply chain attacks
Learn about 5 common security risks when working with Kubernetes apps. We’ll also walk through tips to help you secure your software supply chain.
Bridgecrew’s HashiCorp Terraform Cloud Run Task integration available to all
With Terraform Cloud Run Tasks out of beta, everyone can now natively secure Terraform deployments with Bridgecrew.
5 CloudFormation security tips to take your AWS security to the next level
Learn these 5 AWS CloudFormation security best practices to protect your pipelines, manage compliance, and detect cloud drift.
Terraform Enterprise + Bridgecrew: Secure development at enterprise scale
Our newest HashiCorp integration allows Terraform Enterprise customers to enforce security best practices at scale with policy-as-code.