Surviving the NGINX Ingress CVE-2021-25742 with Checkov
Read about Checkov's preventative approach to ensuring Kubernetes clusters with NGINX Ingress do not fall victim to the recently published CVE-2021-25742.
Part 3: Top trends from analyzing the security posture of open-source Helm charts
In part three of our open-source Helm security research, we analyze one of the most commonly used dependencies from a security standpoint.
Part 2: Top trends from analyzing the security posture of open-source Helm charts
In part two of our open-source Helm security research, we analyze Helm chart dependencies and provide recommendations for security best practices.
Checkov 2.0: Deeper, broader, and faster IaC scanning
Introducing our biggest update to Checkov 2.0 yet including an all-new graph-based framework, 250 new policies, and Dockerfile support.
Built-in Helm chart scanning with Checkov!
Automatically check Helm charts against Checkov's built-in checks for Kubernetes deployments with native Helm chart scanning!
Creating and sharing custom policies-as-code with Checkov
Define how infrastructure should be governed with custom Checkov policies that can easily be shared across your organization for reuse.
Policy-as-code for custom Terraform providers with Checkov
Learn how to create your own Checkov policies for Terraform providers to enforce infrastructure best practices across your IaaS, PaaS, and SaaS applications.
CodifiedSecurity Office Hours Recap: Episode 05
We’re back with Episode 05 of the #CodifiedSecurity Office Hours! We welcomed Rob Eden from…
Finding and fixing Terraform misconfigurations in variables
With variable rendering support in Checkov, you can now analyze a misconfig even if it was sourced in a parameter defined on a different code block, ensuring that no risk goes unidentified.
Scan Helm charts for Kubernetes misconfigurations with Checkov
Learn how to automate security scanning of Helm charts for Kubernetes misconfigurations with Bridgecrew's open-source scanner, Checkov.
CodifiedSecurity Office Hours Recap: Episode 03
We sat down with Corcoran Smith from Slalom to discuss new Checkov developments, enterprise DevSecOps challenges, and infrastructure as code solutions.
Kubernetes static code analysis with Checkov
Use Checkov, Bridgecrew's OSS infrastructure as code analysis tool, to scan Kubernetes manifests and identify security issues in Kubernetes workloads.