New in Bridgecrew: Get actionable cloud security feedback on every commit with Code Reviews

At Bridgecrew, our goal is to give developers actionable cloud security feedback in the right place at the right time.

Building on the foundations of infrastructure as code (IaC) and GitOps, Bridgecrew’s build-time scanning shifts cloud security earlier in the development lifecycle. And with built-in VCS and CI/CD integrations, IaC scanning is easily embedded into the tools and workflows developers already rely on.

Our newest feature, Code Reviews, makes Bridgecrew’s IaC security scanning even more native to developer workflows.

Check out the quick demo below to see Code Reviews in action or keep reading to learn more.

Accessible and actionable security feedback

With Bridgecrew’s Code Reviews, you’ll see errors relevant only to the changes being made on your current branch—before they’re merged. In your GitHub, following the linked Details in your pull request or commit status checks will direct you to an easy-to-follow checklist for reviewing identified infrastructure misconfigurations.

Status check Code Reviews

Code Reviews puts context switching at a minimum by making it easier and quicker to review and fix errors in a single view.

If further investigation is needed, select More. When you’re ready, fix one, several, or all issues and select Submit. Once you’ve implemented your security-as-code fixes, jump back into your pull request to continue your review, and get ready to merge. 🚀

To review errors identified in previous commits, you can also access them from the new Code Reviews tab.

Code Reviews tab

···

When paired with security-as-code fixes, Code Reviews makes cloud security even more actionable, so you can spend less time tracking down misconfigurations and more time writing awesome (and secure) code.

Head over to your Bridgecrew account to check it out for yourself, and join us on Slack to let us know what you think!