Prevent secret leaks: Find and secure secrets across your repositories and pipelines
Secrets security requires detection across hundreds of access tokens, API keys, certificates, passwords, etc., embedded into existing developer workflows.
Secure vulnerable images found in IaC templates with Bridgecrew
Learn how to proactively identify and scan vulnerable images sourced in IaC and CI/CD files with Bridgecrew’s new Image Referencer capability.
Full-stack code visibility with Bridgecrew’s Software Bill of Materials (SBOM) generation
Learn how to get visibility into risk exposure and prevent supply chain attacks with Bridgecrew’s software bill of materials (SBOM) generation capabilities.
Checkov 2.1 roundup: Expanding into AppSec, supply chain security, and more
Checkov 2.1 is packed with scanning support for new IaC frameworks, expanded supply chain and AppSec use cases, and more.
Announcing new scanning support for Bicep templates with Checkov and Bridgecrew
Bridgecrew and Checkov now support scanning Bicep templates for misconfigurations! See how you can scan your IaC files and compare them against Azure security best practices.
Bridgecrew’s HashiCorp Terraform Cloud Run Task integration available to all
With Terraform Cloud Run Tasks out of beta, everyone can now natively secure Terraform deployments with Bridgecrew.
The key to DevSecOps success: Cross-team knowledge sharing
The core of DevSecOps includes cross-team collaboration and knowledge sharing. Here are three things devs and security can learn from each other.
5 ways to configure a monorepo for DevSecOps efficiency
As monorepos get more popular, we’re sharing our tips to make sure they’re configured for optimal DevSecOps efficiency.
Building the Business Case for DevSecOps
Find out how the collaboration and productivity benefits of DevSecOps outweigh the upfront investment costs of training and implementation.
Hacktoberfest Highlight: Generate an IaC SBOM using Checkov’s CycloneDX Output
Thanks to Hacktoberfest contributor Paul Horton, Checkov now outputs to CylconeDX XML format so you can build an IaC SBOM and tackle IaC risks.
5 common Kubernetes misconfigs and how to fix them
Kubernetes is a powerful tool with enough settings to deploy a performant, scalable, and reliable…
It’s not all bad! Using cloud drift for teachable moments
Drift between running cloud resources and their associated infrastructure as code (IaC) will inevitably happen. Learn how to use drift as a learning opportunity and provide training on how to prevent it in the future.