To help organizations enforce supply chain security best practices, Checkov and Bridgecrew now scan GitHub, GitLab, and Bitbucket configurations.
Learn how to prevent Terraform supply chain weaknesses across code and delivery pipelines with Checkov to prevent software supply chain attacks.
We combined the powers of Cloudsplaining (with the help of its creator Kinnaird McQuade) and Checkov to help organizations assess IAM policies in both build-time and runtime.
Hacktoberfest contribution from Brent Souze allows you to inspect JSON configurations using Checkov, including CI/CD configurations
Drift occurs when changes are made directly to a resource in a cloud provider. Learn how CloudFormation, Terraform, and Bridgecrew handle drift detection.
Use Yor to automate the process of adding team ownership and environment tags to IaC and enforce AWS IAM policies using tagged resources.
Learn how Checkov's Secrets Scanning feature helps look for exposed credentials in IaC templates before a damaging leak occurs.
Authorize who can modify an IaC resource straight from your CI/CD pipeline using auto-tagging with Yor and policy-as-code with Checkov.
Yor is an automated IaC tag and trace tool that automatically adds attribution and trace tags to lower MTTR and simplify access control and cost allocation.
No, this isn’t another post about the Secure Development Lifecycle. This is a practical post…
Define how infrastructure should be governed with custom Checkov policies that can easily be shared across your organization for reuse.
Today we officially became part of Palo Alto Networks, joining Prisma Cloud! In the two…