Bridgecrew's Codified Security Blog

Announcing new scanning support for Bicep templates with Checkov and Bridgecrew

Taylor Smith June 9, 2022August 22, 2022

Bridgecrew and Checkov now support scanning Bicep templates for misconfigurations! See how you can scan your IaC files and compare them against Azure security best practices.

Product update

How to adopt infrastructure as code with a secure-by-default strategy

Julia Benson June 3, 2022August 23, 2022

Learn about challenges with building a secure IaC strategy. Here are seven tips to help you build a security-first IaC strategy.

Infrastructure as code

5 ways K8s apps are vulnerable to supply chain attacks

Payton O'Neal May 31, 2022July 29, 2022

Learn about 5 common security risks when working with Kubernetes apps. We’ll also walk through tips to help you secure your software supply chain.

DevSecOps

Bridgecrew’s HashiCorp Terraform Cloud Run Task integration available to all

Taylor Smith May 4, 2022July 29, 2022

With Terraform Cloud Run Tasks out of beta, everyone can now natively secure Terraform deployments with Bridgecrew.

Product update

5 CloudFormation security tips to take your AWS security to the next level

Bridgecrew April 26, 2022July 27, 2022

Learn these 5 AWS CloudFormation security best practices to protect your pipelines, manage compliance, and detect cloud drift.

Infrastructure as code

Terraform Enterprise + Bridgecrew: Secure development at enterprise scale

Matthew Scott April 21, 2022July 29, 2022

Our newest HashiCorp integration allows Terraform Enterprise customers to enforce security best practices at scale with policy-as-code.

Four steps to get started with a ‘bottom-up’ cybersecurity approach

Idan Tendler April 19, 2022July 29, 2022

Learn about bottom-up cybersecurity. We give you 4 tips to get started with creating a culture of developer-centered security in your organization.

DevSecOps

CloudFormation security 101: Four basic best practices for secure infrastructure as code

Bridgecrew April 13, 2022July 27, 2022

Learn some basic AWS CloudFormation best practices you can use to build and maintain CloudFormation templates securely.

Infrastructure as code

Keep your software supply chain secure with these new VCS policies

Barak Schoster April 4, 2022July 24, 2022

To help organizations enforce supply chain security best practices, Checkov and Bridgecrew now scan GitHub, GitLab, and Bitbucket configurations.

Product update

Code to Cloud Summit Recap: Highlights from 15+ DevSecOps Sessions and 25+ Expert Speakers

Payton O'Neal March 25, 2022March 29, 2022

Watch our Code to Cloud Summit reel to see the 24 hours of DevSecOps and shift-left security talks in 24 minutes or read a play-by-play by theme.

Company news

Intellyx BrainBlog: Don’t break the software supply chain. Secure it.

Intellyx March 22, 2022July 24, 2022

In this Intellyx BrainBlog, Jason English explores the components and risks of modern software supply chains and the part developers play in securing them.

DevSecOps

4 supply chain risks in Terraform and how to prevent them with Checkov

Barak Schoster March 16, 2022July 24, 2022

Learn how to prevent Terraform supply chain weaknesses across code and delivery pipelines with Checkov to prevent software supply chain attacks.

Subscribe to our newsletter