We’re excited to release CfnGoat 🐐, a security training project for AWS CloudFormation. In addition…
Learn about infrastructure as code (IaC) and Terraform security best practices in this Bridgecrew and HashiCorp webinar recording and recap.
Learn how to scan your Terraform files as part of every code review for misconfigurations and policy violations using GitHub and Bridgecrew.
Bridgecrew embeds seamlessly into the GitHub ecosystem to provide consistent and timely IaC security feedback.
Learn how to scan for security and compliance violations within your CloudFormation templates generated by AWS CDK at build-time with Bridgecrew.
Bridgecrew now extends the Serverless Framework’s existing security and compliance policy to secure configurations on AWS.
Declarative frameworks like Azure Resource Manager (ARM) provide an opportunity to implement security controls earlier Bridgecrew now supports ARM template misconfiguration scanning in addition to monitoring of deployed Azure resources.
By investing in IaC security, DevOps and security teams leverage the scalability and predictability of IaC to maintain a strong cloud security posture.
Learn more about infrastructure as code security best practices and how to use Bridgecrew’ and CircleCI to scan IaC for misconfigurations in this webinar recap.
We scanned the Terraform Registry and analyzed the overall state of infrastructure-as-code security and compliance. Read the full report to learn about the security posture of the IaC ecosystem.
Infrastructure as code security is core to our mission at Bridgecrew which is why we're writing about where security fits into IaC and how to be successful with it.
Use Checkov, Bridgecrew's OSS infrastructure-as-code analysis tool, to scan Kubernetes manifests and identify security issues in Kubernetes workloads.