Open source projects Archives

Cloudsplaining and Checkov: Identify AWS IAM least privilege violations from code to cloud

Barak Schoster November 22, 2021

We combined the powers of Cloudsplaining (with the help of its creator Kinnaird McQuade) and Checkov to help organizations assess IAM policies in both build-time and runtime.

Open source projects

Surviving the NGINX Ingress CVE-2021-25742 with Checkov

Steve Giguere November 19, 2021

Read about Checkov's preventative approach to ensuring Kubernetes clusters with NGINX Ingress do not fall victim to the recently published CVE-2021-25742.

Hacktoberfest Highlight: Generate an IaC SBOM using Checkov’s CycloneDX Output

Taylor Smith November 9, 2021November 8, 2021

Thanks to Hacktoberfest contributor Paul Horton, Checkov now outputs to CylconeDX XML format so you can build an IaC SBOM and tackle IaC risks.

Open source projects

New research: Graphing misconfigurations and vulnerabilities to visualize blast radius

Matt Johnson October 21, 2021October 27, 2021

Following up on our recent IaC security findings in the 2H 2021 Cloud Threat Report, we rewrote Helm Scanner to visualize chained misconfigurations and CVEs.

Open source projects

Hacktoberfest contribution spotlight: Securing software delivery pipelines using Checkov JSON scanning

Barak Schoster October 19, 2021October 18, 2021

Hacktoberfest contribution from Brent Souze allows you to inspect JSON configurations using Checkov, including CI/CD configurations

Open source projects

Tutorial: Incorporate IaC Security in your CI/CD pipeline with Bridgecrew, Jenkins, and GitHub

Taylor Smith September 27, 2021September 24, 2021

Learn how to add security into your Jenkins CI/CD to ensure only secure IaC code is committed to a repository and deployed.

Creating a secure Kubernetes NGINX deployment using Checkov

Steve Giguere September 2, 2021January 11, 2022

Even the most popular web server deployment has insecure defaults. Here, we identify misconfigurations in default K8s NGINX deployments.

Open source projects

Blog / Open source projects

Cloudsplaining and Checkov: Identify AWS IAM least privilege violations from code to cloud

Surviving the NGINX Ingress CVE-2021-25742 with Checkov

Hacktoberfest Highlight: Generate an IaC SBOM using Checkov’s CycloneDX Output

New research: Graphing misconfigurations and vulnerabilities to visualize blast radius

Hacktoberfest contribution spotlight: Securing software delivery pipelines using Checkov JSON scanning

Tutorial: Incorporate IaC Security in your CI/CD pipeline with Bridgecrew, Jenkins, and GitHub

Creating a secure Kubernetes NGINX deployment using Checkov

Integrating Yor with AWS IAM for better access control

Automate AWS Config compliance fixes with Yor + Slack

Prioritize new misconfigurations with Checkov’s baseline feature

Simplify cost allocation using Yor automated tagging with AWS Cost Explorer

Best practices for AWS tagging with Yor

Subscribe to our newsletter