Even the most popular web server deployment has insecure defaults. Here, we identify misconfigurations in default K8s NGINX deployments.
Use Yor to automate the process of adding team ownership and environment tags to IaC and enforce AWS IAM policies using tagged resources.
Automate AWS Config compliance fixes for infrastructure as code misconfigurations using Yor and Slack notifications.
Prioritize only new infrastructure as code misconfigurations with open-source tool Checkov's baseline feature.
Open source tool Yor can automate cost allocation tags alongside AWS Cost Explorer to narrow down costs per team, project, or environment.
Open source tool Yor automatically add consistent, helpful tags to infrastructure-as-code (IaC) templates in AWS and other frameworks.
Learn how Checkov's Secrets Scanning feature helps look for exposed credentials in IaC templates before a damaging leak occurs.
Authorize who can modify an IaC resource straight from your CI/CD pipeline using auto-tagging with Yor and policy-as-code with Checkov.
Yor is fully extensible and supports any CI pipeline you need, including GitLab CI, to enable a host of “code to cloud” tracking and auditing.
With Yor, you can trace a misconfigured cloud resource back to code and pinpoint the ideal fix location in git.
Bridgecrew uses Terraformer for runtime visibility, scanning, and drift detection. Learn about two contributions we made to the platform.
Yor can auto-tag infrastructure with metadata to categorize resources by purpose, owner, team, environment, and more.