Terraform Enterprise + Bridgecrew: Secure development at enterprise scale
Our newest HashiCorp integration allows Terraform Enterprise customers to enforce security best practices at scale with policy-as-code.
Four steps to get started with a ‘bottom-up’ cybersecurity approach
Learn about bottom-up cybersecurity. We give you 4 tips to get started with creating a culture of developer-centered security in your organization.
CloudFormation security 101: Four basic best practices for secure infrastructure as code
Learn some basic AWS CloudFormation best practices you can use to build and maintain CloudFormation templates securely.
Keep your software supply chain secure with these new VCS policies
To help organizations enforce supply chain security best practices, Checkov and Bridgecrew now scan GitHub, GitLab, and Bitbucket configurations.
Code to Cloud Summit Recap: Highlights from 15+ DevSecOps Sessions and 25+ Expert Speakers
Watch our Code to Cloud Summit reel to see the 24 hours of DevSecOps and shift-left security talks in 24 minutes or read a play-by-play by theme.
Intellyx BrainBlog: Don’t break the software supply chain. Secure it.
In this Intellyx BrainBlog, Jason English explores the components and risks of modern software supply chains and the part developers play in securing them.
4 supply chain risks in Terraform and how to prevent them with Checkov
Learn how to prevent Terraform supply chain weaknesses across code and delivery pipelines with Checkov to prevent software supply chain attacks.
Introducing Supply Chain Security: Visualize and secure your code and delivery pipelines
Software supply chain attacks are on the rise. Our new supply chain visualization provides a snapshot of your supply chains to understand your code to cloud attack surface.
Prioritize, skip, and fail with policy severities in Checkov
Policy severities are now included in Checkov to help prioritize findings and make CI/CD skip and fail flags more manageable.
Level-up your cloud tagging strategy with Bridgecrew’s new IaC Tag Rule Manager
Maintaining GitOps and addressing cloud misconfigurations is even easier with Bridgecrew’s IaC auto-tagging and new centralized IaC Tag Rule Manager.
Migrating To Kubernetes? Embrace Infrastructure As Code As Well
When implemented and leveraged together, Kubernetes and infrastructure as code (IaC) can help automate security and reduce friction between devs and security.
6 key Kubernetes DevSecOps principles: People, processes, technology
These are the key principles to keep in mind when developing a Kubernetes DevSecOps strategy—from embedding the right processes across the application lifecycle to measuring the right KPIs and hiring the right talent.