Bridgecrew, Author at Bridgecrew

AppSec and CloudSec 101: Blurring the lines between cloud-native app layers

Bridgecrew September 28, 2022September 27, 2022

Learn why AppSec and CloudSec are blurring together, and get tips for leveraging IaC to maintain cohesive application and infrastructure security for your cloud-native teams.

Open source security

The rise of software developers in cloud security

Bridgecrew September 15, 2022September 15, 2022

Learn about the rise of developer-first cloud security that automates cloud-native security, simplifies permissions, and implements DevSecOps.

DevSecOps

6 delivery pipeline security best practices for secure software supply chains

Bridgecrew August 18, 2022August 18, 2022

Learn 6 VCS and CI/CD weaknesses that may leave your software supply chain vulnerable to attack and how to address them.

Supply chain security

How to prevent the 5 most common software supply chain weaknesses

Bridgecrew July 28, 2022August 23, 2022

Learn the basics of software supply chain security and 7 best practices to protect yourself against common software supply chain weaknesses.

DevSecOps

5 CloudFormation security tips to take your AWS security to the next level

Bridgecrew April 26, 2022July 27, 2022

Learn these 5 AWS CloudFormation security best practices to protect your pipelines, manage compliance, and detect cloud drift.

Infrastructure as code

CloudFormation security 101: Four basic best practices for secure infrastructure as code

Bridgecrew April 13, 2022July 27, 2022

Learn some basic AWS CloudFormation best practices you can use to build and maintain CloudFormation templates securely.

Infrastructure as code

6 key Kubernetes DevSecOps principles: People, processes, technology

Bridgecrew February 22, 2022July 27, 2022

These are the key principles to keep in mind when developing a Kubernetes DevSecOps strategy—from embedding the right processes across the application lifecycle to measuring the right KPIs and hiring the right talent.

DevSecOps

From manifest to workload: Embedding Kubernetes security at each phase of the DevOps lifecycle

Bridgecrew February 15, 2022February 22, 2022

The key to holistic Kubernetes security is to identify risks at each stage of the DevOps lifecycle to prevent risks within a Kubernetes production environment.