5 common Kubernetes misconfigs and how to fix them
Kubernetes is a powerful tool with enough settings to deploy a performant, scalable, and reliable…
It’s not all bad! Using cloud drift for teachable moments
Drift between running cloud resources and their associated infrastructure as code (IaC) will inevitably happen. Learn how to use drift as a learning opportunity and provide training on how to prevent it in the future.
Tutorial: Incorporate IaC Security in your CI/CD pipeline with Bridgecrew, Jenkins, and GitHub
Learn how to add security into your Jenkins CI/CD to ensure only secure IaC code is committed to a repository and deployed.
Takeaways from the 2021 State of DevOps Report from Puppet
Puppet has just released the 10 year anniversary version of their annual State of DevOps Report. Important findings include the role of automation, cultural buy-in, and more.
5 tips for securely adopting infrastructure as code
Get our top tips for leveraging infrastructure as code (IaC) for efficient cloud management and a secure cloud environment.
7 ways to optimize your VCS for DevSecOps
Follow these seven best practices to optimize your version control system (VCS) and bring security and automation for more robust DevSecOps.
Prioritize new misconfigurations with Checkov’s baseline feature
Prioritize only new infrastructure as code misconfigurations with open-source tool Checkov's baseline feature.
Best practices for AWS tagging with Yor
Open source tool Yor automatically add consistent, helpful tags to infrastructure-as-code (IaC) templates in AWS and other frameworks.
How Coalfire utilizes automation to secure cloud architecture and infrastructure as code
Coalfire worked with Bridgecrew to embed infrastructure as code (IaC) security scanning for Terraform and CloudFormation templates into their CI/CD pipelines.
Applying Kubernetes security best practices to Helm charts
We look at how to apply Kubernetes security best practices to secure Helm charts before deploying them into production environments.
Top 6 considerations for integrating cloud security and GitOps
Learn how to leverage GitOps to continuously enforce cloud security guardrails as infrastructure is developed, delivered, and deployed.