5 CloudFormation security tips to take your AWS security to the next level
Learn these 5 AWS CloudFormation security best practices to protect your pipelines, manage compliance, and detect cloud drift.
CloudFormation security 101: Four basic best practices for secure infrastructure as code
Learn some basic AWS CloudFormation best practices you can use to build and maintain CloudFormation templates securely.
6 key Kubernetes DevSecOps principles: People, processes, technology
These are the key principles to keep in mind when developing a Kubernetes DevSecOps strategy—from embedding the right processes across the application lifecycle to measuring the right KPIs and hiring the right talent.
From manifest to workload: Embedding Kubernetes security at each phase of the DevOps lifecycle
The key to holistic Kubernetes security is to identify risks at each stage of the DevOps lifecycle to prevent risks within a Kubernetes production environment.
Infrastructure security advantages of leveraging Kubernetes
Kubernetes offers several built-in security features as well as the opportunity to shift infrastructure security left and embrace DevSecOps.
Terraform vs. CloudFormation: Security pros and cons
When it comes to developing and deploying secure infrastructure, Terraform and CloudFormation both have unique quirks and considerations.
What you need to know about Terraform vs. CloudFormation
Exploring the pros and cons of Terraform and CloudFormation, from syntax and state management to modularity and provisioning.
Security Challenges of Developing Kubernetes Infrastructure with IaC
From Kubernetes and Helm misconfigurations to over-privileged containers, here are some of the biggest Kubernetes infrastructure security challenges.
Vulnerabilities vs. Security Misconfigurations: An Essential Primer
Misconfigurations are flaws in the way the software environment is configured, whereas security vulnerabilities are flaws in the software itself.
9 essential infrastructure security considerations for Kubernetes
Kubernetes is the go-to platform for managing containerized applications. Learn the best security practices through Kubernetes' layers and components here.
Scanning Azure Resource Manager (ARM) Templates with Bridgecrew
Declarative frameworks like Azure Resource Manager (ARM) provide an opportunity to implement security controls earlier Bridgecrew now supports ARM template misconfiguration scanning in addition to monitoring of deployed Azure resources.
Announcing CloudFormation Support in Checkov
Checkov, our open-source infrastructure-as-code static analysis tool, now supports CloudFormation in addition to Terraform.