We’re super excited for Hacktoberfest to return for its eighth year. As stewards of some pretty awesome open-source security tools (at least, we think so), we can’t wait to welcome the Hacktoberfest community to contribute to our open-source projects including Checkov, Yor, our VS Code plugin, and our GitHub Actions.
Hacktoberfest Contribution Prizes
For contributions made between September and October 2021, we have awesome Bridgecrew swag for Hacktoberfest contributors, like the T-shirts you’ll see team Bridgecrew wearing on videos and at events, plus stickers! (and who doesn’t need more stickers on their laptop!)
Here’s how it works:
- Submit one contribution and you’ll receive a super ghoul sticker pack.
- Submit two or more contributions and you’ll receive a swag pack complete with stickers and a wicked Bridgecrew t-shirt.
Once you make your contributions (or if you already have!) claim your swag by simply filling out this form with your name, address, and links to your pull requests.
Making your first Bridgecrew OSS contributions
Are you interested in cloud security, infrastructure as code (IaC), or DevOps automation? Maybe you’re taking your first steps into the world of cybersecurity as a possible career path and want to get hands-on with modern cloud infrastructure tooling?
We’ve put together a number of resources below to help understand Checkov and Yor a little better and how to make your first contributions.
What is Checkov?
Tools like Checkov, our open-source IaC scanner, provide an immediate impact when it comes to improving security posture for infrastructure as code. To get a feel for the problems Checkov is designed to solve, check out this recent 25-minute session on all things IaC security!
Want to learn more about the importance of IaC security? Check out our recent research on open source Helm chart security and this walkthrough of how we resolved all IaC issues identified by Checkov in an NGINX deployment.
To make it super easy to start contributing to Checkov, we’ve outlined prerequisites and best practices in our contribution guidelines and have highlighted a number of good first issues to get started with. 
What is Yor?
Yor is an open-source tool that helps add informative and consistent tags across infrastructure-as-code frameworks such as Terraform, CloudFormation, and Serverless.
To start contributing to Yor, check out the good first issue label and follow the contribution guidelines comment provided by our core engineering team.
And by the way, feel free to join us in our CodifiedSecurity Slack, in #hacktoberfest-21, or GitHub!
Happy Hacktober!
