New research: Graphing misconfigurations and vulnerabilities to visualize blast radius Matt Johnson October 21, 2021October 27, 2021 Following up on our recent IaC security findings in the 2H 2021 Cloud Threat Report, we rewrote Helm Scanner to visualize chained misconfigurations and CVEs. Open source projects
Hacktoberfest contribution spotlight: Securing software delivery pipelines using Checkov JSON scanning Barak Schoster October 19, 2021October 18, 2021 Hacktoberfest contribution from Brent Souze allows you to inspect JSON configurations using Checkov, including CI/CD configurations Open source projects
Tutorial: Incorporate IaC Security in your CI/CD pipeline with Bridgecrew, Jenkins, and GitHub Taylor Smith September 27, 2021September 24, 2021 Learn how to add security into your Jenkins CI/CD to ensure only secure IaC code is committed to a repository and deployed. Infrastructure as code Open source projects
Creating a secure Kubernetes NGINX deployment using Checkov Steve Giguere September 2, 2021January 11, 2022 Even the most popular web server deployment has insecure defaults. Here, we identify misconfigurations in default K8s NGINX deployments. Open source projects
Integrating Yor with AWS IAM for better access control Barak Schoster August 6, 2021November 22, 2021 Use Yor to automate the process of adding team ownership and environment tags to IaC and enforce AWS IAM policies using tagged resources. Infrastructure as code Open source projects
Automate AWS Config compliance fixes with Yor + Slack Steve Giguere July 29, 2021July 28, 2021 Automate AWS Config compliance fixes for infrastructure as code misconfigurations using Yor and Slack notifications. Infrastructure as code Open source projects
Prioritize new misconfigurations with Checkov’s baseline feature Taylor Smith July 27, 2021July 30, 2021 Prioritize only new infrastructure as code misconfigurations with open-source tool Checkov's baseline feature. Infrastructure as code Open source projects
Simplify cost allocation using Yor automated tagging with AWS Cost Explorer Matt Johnson July 21, 2021July 21, 2021 Open source tool Yor can automate cost allocation tags alongside AWS Cost Explorer to narrow down costs per team, project, or environment. Infrastructure as code Open source projects
Best practices for AWS tagging with Yor Taylor Smith July 19, 2021July 26, 2021 Open source tool Yor automatically add consistent, helpful tags to infrastructure-as-code (IaC) templates in AWS and other frameworks. Infrastructure as code Open source projects
Checkov Secrets Scanning: Find exposed credentials in IaC Barak Schoster July 15, 2021July 21, 2021 Learn how Checkov's Secrets Scanning feature helps look for exposed credentials in IaC templates before a damaging leak occurs. Infrastructure as code Open source projects
Using Yor and Checkov to authorize IaC modifiers from CI/CD Barak Schoster July 14, 2021July 14, 2021 Authorize who can modify an IaC resource straight from your CI/CD pipeline using auto-tagging with Yor and policy-as-code with Checkov. Infrastructure as code Open source projects
Automate infrastructure tagging with Yor and GitLab CI Matt Johnson July 8, 2021July 27, 2021 Yor is fully extensible and supports any CI pipeline you need, including GitLab CI, to enable a host of “code to cloud” tracking and auditing. Infrastructure as code Open source projects