Scaling in the cloud? IaC and DevSecOps are here to help
Learn how IaC and DevSecOps best practices can make working at scale in the cloud more agile, efficient, simple, and secure.
Crawl, walk, run: Operationalizing your IaC security program
Learn how to operationalize your infrastructure as code security program with our rollout timeline and guidance for your first ninety days.
How to adopt infrastructure as code with a secure-by-default strategy
Learn about challenges with building a secure IaC strategy. Here are seven tips to help you build a security-first IaC strategy.
5 CloudFormation security tips to take your AWS security to the next level
Learn these 5 AWS CloudFormation security best practices to protect your pipelines, manage compliance, and detect cloud drift.
Terraform Enterprise + Bridgecrew: Secure development at enterprise scale
Our newest HashiCorp integration allows Terraform Enterprise customers to enforce security best practices at scale with policy-as-code.
CloudFormation security 101: Four basic best practices for secure infrastructure as code
Learn some basic AWS CloudFormation best practices you can use to build and maintain CloudFormation templates securely.
4 supply chain risks in Terraform and how to prevent them with Checkov
Learn how to prevent Terraform supply chain weaknesses across code and delivery pipelines with Checkov to prevent software supply chain attacks.
Level-up your cloud tagging strategy with Bridgecrew’s new IaC Tag Rule Manager
Maintaining GitOps and addressing cloud misconfigurations is even easier with Bridgecrew’s IaC auto-tagging and new centralized IaC Tag Rule Manager.
Introducing Whorf: The Checkov-powered Kubernetes Admission Controller
Our new Kubernetes Admission features Checkov as the core validator for Kubernetes manifests, preventing vulnerable or misconfigured Kubernetes objects from being deployed.
Infrastructure security advantages of leveraging Kubernetes
Kubernetes offers several built-in security features as well as the opportunity to shift infrastructure security left and embrace DevSecOps.
Announcing new Checkov framework support for Kustomize
Now with Checkov, you can make reusable Kustomize manifests and all of the resulting environments more secure from the start.
Terraform vs. CloudFormation: Security pros and cons
When it comes to developing and deploying secure infrastructure, Terraform and CloudFormation both have unique quirks and considerations.