Multi-Cloud Drift Detection powered by Yor: Automated infrastructure drift monitoring and fixes
Bridgecrew Multi-Cloud Drift Detection identifies differences between your IaC code and cloud, so you can quickly bring them back in sync.
Happy Hacktoberfest 2021!
Learn about Bridgecrew's contribution to Hacktoberfest 2021. We're getting our open-source community involved and giving away some cool prizes.
Advanced Terraform security: Pro tips for secure infrastructure as code
Learn advanced tips about securing Terraform, such as security scanning at each step of the DevOps lifecycle, keeping IAM sprawl under control, and more.
Supercharge GitHub with IaC security pull request comments and fix suggestions
Bridgecrew has been updated to automatically comment on misconfigurations for resources, and includes richer context and fix suggestions.
Takeaways from the 2021 State of DevOps Report from Puppet
Puppet has just released the 10 year anniversary version of their annual State of DevOps Report. Important findings include the role of automation, cultural buy-in, and more.
Creating a secure Kubernetes NGINX deployment using Checkov
Even the most popular web server deployment has insecure defaults. Here, we identify misconfigurations in default K8s NGINX deployments.
The top 5 secrets management mistakes and how to avoid them
Learn five common mistakes developers while managing the security of secrets like passwords, API keys, tokens, and more.
5 tips for securely adopting infrastructure as code
Get our top tips for leveraging infrastructure as code (IaC) for efficient cloud management and a secure cloud environment.
Terraform security 101: Best practices for secure infrastructure as code
Want to get started with infrastructure as code (IaC)? Get guidelines for securely leveraging Terraform and Terraform modules.
Integrating Yor with AWS IAM for better access control
Use Yor to automate the process of adding team ownership and environment tags to IaC and enforce AWS IAM policies using tagged resources.
7 ways to optimize your VCS for DevSecOps
Follow these seven best practices to optimize your version control system (VCS) and bring security and automation for more robust DevSecOps.
Automate AWS Config compliance fixes with Yor + Slack
Automate AWS Config compliance fixes for infrastructure as code misconfigurations using Yor and Slack notifications.
Prioritize new misconfigurations with Checkov’s baseline feature
Prioritize only new infrastructure as code misconfigurations with open-source tool Checkov's baseline feature.