At Bridgecrew, our goal is to give developers actionable cloud security feedback in the right place at the right time.
Building on the foundations of infrastructure as code (IaC) and GitOps, Bridgecrew’s build-time scanning shifts cloud security earlier in the development lifecycle. And with built-in VCS and CI/CD integrations, IaC scanning is easily embedded into the tools and workflows developers already rely on.
Whether you’re using a VCS or Bridgecrew CLI, our newest feature, Code Reviews, makes Bridgecrew’s IaC security scanning even more native to developer workflows.
Check out the quick demo below to see Code Reviews in action or keep reading to learn more.
Accessible and actionable security feedback
With Bridgecrew’s Code Reviews, you’ll see errors relevant only to the changes being made on your current branch—before they’re merged. In your GitHub pull request or CLI run, following the linked Details (shown below) will direct you to an easy-to-follow checklist for reviewing identified infrastructure misconfigurations.
Code Reviews puts context switching at a minimum by making it easier and quicker to review and fix errors in a single view.
If further investigation is needed, select More. When you’re ready, fix one, several, or all issues and select Submit. Once you’ve implemented your security-as-code fixes, jump back into your pull request to continue your review, and get ready to merge. 🚀
To review errors identified in other branches and previous commits, you can also access them from the new Code Reviews tab.
When paired with security-as-code fixes, Code Reviews makes cloud security even more actionable, so you can spend less time tracking down misconfigurations and more time writing awesome (and secure) code.