Learn how Checkov's Secrets Scanning feature helps look for exposed credentials in IaC templates before a damaging leak occurs.
Authorize who can modify an IaC resource straight from your CI/CD pipeline using auto-tagging with Yor and policy-as-code with Checkov.
Yor is an automated IaC tag and trace tool that automatically adds attribution and trace tags to lower MTTR and simplify access control and cost allocation.
No, this isn’t another post about the Secure Development Lifecycle. This is a practical post…
Define how infrastructure should be governed with custom Checkov policies that can easily be shared across your organization for reuse.
Today we officially became part of Palo Alto Networks, joining Prisma Cloud! In the two…
Learn how to leverage Checkov and Bridgecrew to scan both raw Terraform files and Terraform plan output for security and compliance errors.
Programmatic access makes it easier to automate tasks, but at the price of increased risk. Learn how to overcome these risks with AWS best practices on access keys management.
We’re proud to bring IaC security scanning to GitHub with our new GitHub code scanning integration.
By investing in IaC security, DevOps and security teams leverage the scalability and predictability of IaC to maintain a strong cloud security posture.
Use Checkov, Bridgecrew's OSS infrastructure as code analysis tool, to scan Kubernetes manifests and identify security issues in Kubernetes workloads.
Learn how to identify errors in infrastructure-as-code templates with Bridgecrew's new Terraform security training project TerraGoat.