Bridgecrew’s 2020 Year in Review

Bridgecrew 2020 Year in Review

For most of us, 2020 is a year we’re more than ready to leave behind. But as a company that started ramping up just as the global pandemic was settling in, we have a lot to be thankful for this year.

Supported by our exceptional investors, advisors, partners, customers, and community, we’ve been hard at work laying the foundation for the codified cloud security movement. This year our product has evolved tremendously with countless new features, our customer base has more than tripled, and our open-source community has grown exponentially.

To round it out, we wanted to take a moment to celebrate our accomplishments and give thanks to everyone who contributed. 💜

2020 company milestones

Although we started building Bridgecrew last year, 2020 is the year our platform and our team really came into their own. Working with our early customers, we identified the opportunity to codify cloud security and embed it into the development lifecycle through automation and infrastructure as code (IaC). To help us build a movement around that opportunity, we announced our $14M Series A led by Battery Ventures in April.

Growing Crew

With R&D and engineering growing fast in Tel Aviv already, we started (remotely) building our go-to-market teams this year. From developer relations and marketing to sales and partnerships, I’m so proud of the team we’re building that currently spans five time zones.

By September, we couldn’t fit the entire Crew on one Zoom screen!

We’re hiring across the board! Check out our open positions here.

New partnerships

We wouldn’t be where we are today without the support and guidance from our partners. These are our two favorite moments with partners from the year:

  • Achieving AWS Security and DevOps Competency status as Advanced APN Technology Partners. Read the release here.
  • Being included in Erica Brescia’s GitHub Universe keynote as a featured security partner. Watch the segment below:

These highlights, plus our ongoing partnerships with HashiCorp, CircleCI, Bitbucket, and others, are exciting indicators of what’s to come in 2021.


Building out the Bridgecrew platform

Our top priority for the year was to build the most intuitive developer-first cloud security platform on the market. Here are a few of our proudest accomplishments of the year.

Expanded Bridgecrew ecosystem

Since its official launch earlier this year with support for AWS, Google Cloud, Azure, Terraform, CloudFormation, and Kubernetes, the Bridgecrew platform has expanded immensely.

Bridgecrew now supports scanning for security issues in Serverless Framework, AWS CDK, and Azure Resource Manager. Our integrations with version control systems, CI/CD providers, ticketing platforms, and notification apps make everything Bridgecrew has to offer even more accessible.


With 500+ security and compliance policies in the Bridgecrew platform, we cover all common cloud risks associated with industry security and compliance benchmarks like CIS, HIPPA, SOC2, and more. But with Bridgecrew, cloud security is more than just enforcing standard policies.

Our security-as-code approach makes it easy to define your own custom policies and fix policy violations in both runtime and build-time. We take that a step further by transforming cloud misconfigurations into secure and compliant infrastructure code.

The developer experience

What we’re most excited about this year is the work we’ve done to improve the developer experience in Bridgecrew. To do that, we invested heavily in our GitHub integration to provide security feedback at the right place and time. We recently launched Code Reviews to make sure feedback is relevant and actionable.

There’s no way to cover all of our new features and improvements in this post. Check out all of our major announcements on our blog and check out our Changelog for all releases.

Open-source projects

As a developer-first company, we’ve been committed to our open-source projects and research (such as our 2020 State of Open Source Terraform Security report) from the start. This year we brought four new projects to the codified cloud security community.


We started off 2020 by launching Checkov, our open-source IaC security scanner with initial support for Terraform. Since then, we’ve expanded its supported frameworks (Kubernetes and Helm charts, to name a few), and have worked with our community contributors to add new functionality (like our recently announced Terraform variable evaluation support).

We’ve received overwhelming support from the community with almost 2k stars on GitHub and nearly 1M downloads! It’s been amazing to see how Checkov fits into the ecosystem and how different developers and teams are embracing it.


This year we saw firsthand the challenges that IAM poses for security. To help teams address those risks, we created AirIAM. This open-source project is designed to identify unused and over-privileged roles and permissions and replace IAM sprawl with least-privileged IAM configuration.

Vulnerable-by-design projects

In addition to Checkov and AirIAM, we wanted to create helpful resources for developers to get acquainted with IaC security best practices. We built our two vulnerable-by-design projects, TerraGoat and CfnGoat, to demonstrate what IaC misconfigurations look like and how to avoid them in day-to-day infrastructure development.

Join our #CodifiedSecurity Slack channel to join the conversation.


Despite the chaos that the past year has dealt, we’re incredibly proud of the headway we’ve made towards our mission—bringing codified cloud security to everyone.

We look forward to working with you all in the new year and hope 2021 brings you everything you wish for and more. 🖖

Reg Barclay will save us! in 2020 | Star trek funny, Star trek images, Star trek ds9