Secure vulnerable images found in IaC templates with Bridgecrew
Learn how to proactively identify and scan vulnerable images sourced in IaC and CI/CD files with Bridgecrew’s new Image Referencer capability.
Full-stack code visibility with Bridgecrew’s Software Bill of Materials (SBOM) generation
Learn how to get visibility into risk exposure and prevent supply chain attacks with Bridgecrew’s software bill of materials (SBOM) generation capabilities.
The rise of software developers in cloud security
Learn about the rise of developer-first cloud security that automates cloud-native security, simplifies permissions, and implements DevSecOps.
Using your pipelines to harden your pipelines: The importance of CI/CD security for your software supply chain
Learn how to shift your CI/CD security left to proactively harden your pipelines against software supply chain attacks.
6 delivery pipeline security best practices for secure software supply chains
Learn 6 VCS and CI/CD weaknesses that may leave your software supply chain vulnerable to attack and how to address them.
Checkov enables developer-first CI/CD security with new supply chain security policies
Learn how you can embed CI/CD best practices into your existing DevOps workflows with Checkov’s new CI/CD security policies.
How to prevent the 5 most common software supply chain weaknesses
Learn the basics of software supply chain security and 7 best practices to protect yourself against common software supply chain weaknesses.
Checkov 2.1 roundup: Expanding into AppSec, supply chain security, and more
Checkov 2.1 is packed with scanning support for new IaC frameworks, expanded supply chain and AppSec use cases, and more.
Scaling in the cloud? IaC and DevSecOps are here to help
Learn how IaC and DevSecOps best practices can make working at scale in the cloud more agile, efficient, simple, and secure.
A primer on secure DevOps: Learn the benefits of these 3 DevSecOps use cases
Learn best practices and benefits of taking a DevSecOps approach to AppSec, IaC security, and software supply chain security.
5 ways K8s apps are vulnerable to supply chain attacks
Learn about 5 common security risks when working with Kubernetes apps. We’ll also walk through tips to help you secure your software supply chain.
Keep your software supply chain secure with these new VCS policies
To help organizations enforce supply chain security best practices, Checkov and Bridgecrew now scan GitHub, GitLab, and Bitbucket configurations.