You must comply! Why you need proactive open-source license compliance
Learn the basics of open-source license compliance and discover how to adopt a proactive, developer-first approach to open-source security.
Introducing Whorf: The Checkov-powered Kubernetes Admission Controller
Our new Kubernetes Admission features Checkov as the core validator for Kubernetes manifests, preventing vulnerable or misconfigured Kubernetes objects from being deployed.
Easy mitigation for container escape / CVE-2022-0185 Linux kernel vulnerability
Learn about CVE-2022-0185, the latest Linux kernel vulnerability that allows container escape in Kubernetes, and how Checkov’s built-in policies mitigate it.
Surviving the NGINX Ingress CVE-2021-25742 with Checkov
Read about Checkov's preventative approach to ensuring Kubernetes clusters with NGINX Ingress do not fall victim to the recently published CVE-2021-25742.
Creating a secure Kubernetes NGINX deployment using Checkov
Even the most popular web server deployment has insecure defaults. Here, we identify misconfigurations in default K8s NGINX deployments.
Automate AWS Config compliance fixes with Yor + Slack
Automate AWS Config compliance fixes for infrastructure as code misconfigurations using Yor and Slack notifications.
A deep dive into code to cloud tracing with Yor
With Yor, you can trace a misconfigured cloud resource back to code and pinpoint the ideal fix location in git.