Comparing Checkov and the Bridgecrew platform
Checkov scans for misconfigurations in infrastructure as code (IaC) templates with hundreds of out-of-the-box policies. The Bridgecrew platform extends those capabilities with native VCS and CI/CD integrations, more fine-tuned controls, and automated security-as-code fixes.
Identify misconfigurations in IaC templates with Checkov
- Scans Terraform, CloudFormation, Kubernetes, Helm, ARM, and Serverless framework templates
- Powered by a graph-based backend framework that enables scanning across connected resources
- Includes 800+ policies sourced from industry frameworks (e.g. CIS, PCI, HIPAA) and community-sourced checks
- Open-source and fully extensible with custom checks, check skips, and integrations with build pipelines
Take Checkov to the next level with Bridgecrew
- Extends protection to cover cloud security from IaC in build-time to resources and workloads runtime
- Integrates natively with VCS and CI/CD providers to provide relevant and actionable feedback for changes as they’re being introduced.
- Provides automated fixes via pull requests in build-time and lambdas in runtime
- Includes audit history of configurations over time and downloadable compliance reports
|Cloud runtime scanning||-|
|Custom policies||Requires customization|
|Pull request fixes||-|
|Cloud provider integrations||-|