Checkov enables developer-first CI/CD security with new supply chain security policies Guy Eisenkot August 3, 2022September 20, 2022 Learn how you can embed CI/CD best practices into your existing DevOps workflows with Checkov’s new CI/CD security policies. Open source projects
How to prevent the 5 most common software supply chain weaknesses Bridgecrew July 28, 2022August 23, 2022 Learn the basics of software supply chain security and 7 best practices to protect yourself against common software supply chain weaknesses. DevSecOps
Checkov 2.1 roundup: Expanding into AppSec, supply chain security, and more Taylor Smith July 21, 2022August 22, 2022 Checkov 2.1 is packed with scanning support for new IaC frameworks, expanded supply chain and AppSec use cases, and more. Open source projects
Scaling in the cloud? IaC and DevSecOps are here to help Julia Benson July 14, 2022July 29, 2022 Learn how IaC and DevSecOps best practices can make working at scale in the cloud more agile, efficient, simple, and secure. DevSecOps Infrastructure as code
Introducing Development Pipelines: Prioritize and secure high-risk repos and code Gilad Mark July 7, 2022August 23, 2022 Learn how to prioritize security issues across all your repositories and code reviews with Bridgecrew’s Development Pipeline screen. Product update
Crawl, walk, run: Operationalizing your IaC security program Mike Urbanski June 30, 2022August 12, 2022 Learn how to operationalize your infrastructure as code security program with our rollout timeline and guidance for your first ninety days. Infrastructure as code
A primer on secure DevOps: Learn the benefits of these 3 DevSecOps use cases Julia Benson June 16, 2022August 23, 2022 Learn best practices and benefits of taking a DevSecOps approach to AppSec, IaC security, and software supply chain security. DevSecOps
Announcing new scanning support for Bicep templates with Checkov and Bridgecrew Taylor Smith June 9, 2022August 22, 2022 Bridgecrew and Checkov now support scanning Bicep templates for misconfigurations! See how you can scan your IaC files and compare them against Azure security best practices. Product update
How to adopt infrastructure as code with a secure-by-default strategy Julia Benson June 3, 2022August 23, 2022 Learn about challenges with building a secure IaC strategy. Here are seven tips to help you build a security-first IaC strategy. Infrastructure as code
5 ways K8s apps are vulnerable to supply chain attacks Payton O'Neal May 31, 2022July 29, 2022 Learn about 5 common security risks when working with Kubernetes apps. We’ll also walk through tips to help you secure your software supply chain. DevSecOps
Bridgecrew’s HashiCorp Terraform Cloud Run Task integration available to all Taylor Smith May 4, 2022July 29, 2022 With Terraform Cloud Run Tasks out of beta, everyone can now natively secure Terraform deployments with Bridgecrew. Product update
5 CloudFormation security tips to take your AWS security to the next level Bridgecrew April 26, 2022July 27, 2022 Learn these 5 AWS CloudFormation security best practices to protect your pipelines, manage compliance, and detect cloud drift. Infrastructure as code