Automate your AWS security with CloudFormation
For AWS users, CloudFormation provides a codified infrastructure as code (IaC) framework to provision cloud resources repeatably, reliably, and at scale. Without the right approach, however, CloudFormation can present security challenges.
Bridgecrew makes AWS security proactive by codifying and automating it through CloudFormation. By embedding AWS security earlier in the development lifecycle through automated scanning and integrating it into developer workflows, Bridgecrew prevents CloudFormation misconfigurations from becoming cloud risk.

Our approach
Security from CloudFormation code to AWS cloud
CloudFormation enables you to automate AWS security to prevent reactive monitoring and minimize cloud risk. By shifting cloud security left, you can spend less time reactively triaging and responding to issues in runtime and more time shipping code that’s secure by default.
Proactive feedback
With automated code scanning and robust IaC coverage, Bridgecrew empowers developers to secure their CloudFormation templates by surfacing security feedback early and providing code fixes.
Seamlessly integrated
By embedding security guardrails into existing DevOps tools and workflows, Bridgecrew ensures that CloudFormation templates follow AWS security best practices before they’re provisioned.
Code to cloud coverage
With code to cloud traceability and policy enforcement, Bridgecrew protects your AWS resources across the entire development lifecycle to bridge the gap between security and engineering.

Cloud DevSecOps Workshop with CloudFormation
Get hands-on experience building a security automation workflow using CloudFormation, AWS Bridgecrew, and your favorite developer tools.
Platform
Codify your AWS security from code to cloud
Surface AWS security misconfigurations as part of every code review, enforce security best practices before CloudFormation resources are deployed, and provide code to cloud coverage so that risks never slip through the cracks.
Get continuous coverage
Enforce hundreds of code to cloud AWS policies that correspond to compliance benchmarks.
Address issues fast
Get CloudFormation code fixes as well as automated remediations for running AWS resources.
Detect drift
Get alerted if your running AWS resources drift from their CloudFormation templates.

How it works
AWS security across the cloud development lifecycle
Connecting Bridgecrew to both your CloudFormation repos and AWS accounts is the best way to maintain visibility into your code to cloud security posture and continuously ensure code is secure by default.

Bridgecrew for CloudFormation
To start surfacing CloudFormation security feedback in code, leverage our CLI or IDE plugins. For continuous scanning as part of code reviews and builds, integrate with a CloudFormation VCS repository or integrate Bridgecrew with your CI/CD pipeline.

Bridgecrew for AWS
In addition to providing CloudFormation scanning, Bridgecrew supports runtime security. Connect Bridgecrew to your AWS accounts to find and fix security issues within your running cloud resources and get alerted when configuration drift occurs.
Get started with Bridgecrew for CloudFormation and AWS
Sign up for a free 14-day Bridgecrew trial or get a Prisma Cloud Code Security demo.
Resources
Explore the world of CloudFormation and AWS security
CloudFormation security 101: Tips and tricks
Learn how to implement CloudFormation best practices like enforcing least privilege access, protecting secrets, scanning for misconfigurations, and more.
5 Tips to take your AWS security to the next level
Learn advanced CloudFormation security best practices like implementing custom policies, setting up guardrails, monitoring cloud infrastructure drift, and more.