Resources
Learn code security best practices and tips
Everything you need to navigate through the Bridgecrew universe
Blog
Learn more about the codified cloud security movement and our platform.
Changelog
Stay up to date with new Bridgecrew features and integrations.
Docs
Learn how to get started with Bridgecrew and browse our policy library.
Workshops
Get hands-on experience codifying and automating your cloud security.
Guides
Learn more about the codified security ecosystem
Supply Chain Security Checklist
Learn about the top seven risks facing software components and underlying delivery pipelines as well as best practices for preventing supply chain attacks.
DevSecGuide to Kubernetes
Learn how to leverage Kubernetes and IaC to embed security checks earlier in the DevOps lifecycle and build a Kubernetes-based DevSecOps strategy.
Cloud Security & GitOps Checklist
Discover six impactful guidelines for integrating cloud security and GitOps to accelerate release velocity while improving your security posture.
DevSecGuide to IaC
Learn about the challenges of leveraging DevSecOps to secure the cloud and how infrastructure as code makes it all possible.
Workshops
Get hands-on with Checkov and Bridgecrew
Terraform Workshop
Learn how to codify your Terraform security with Bridgecrew from scanning files locally to implementing fully automated workflows.
Kubernetes Workshop
Get hands-on experience building a fully automated and secure GitOps workflow from manifest to workload with Bridgecrew and Kubernetes.
CloudFormation Workshop
Learn how to codify your AWS security with Bridgecrew for CloudFormation and get hands-on experience shifting cloud security left.
Research
Dive into our research on IaC security
2H 2021 Cloud Threat Report
We collaborated with Unit 42 to understand the part infrastructure and container security can play in supply chain attacks.
Kubernetes Helm chart security trends
We analyzed open-source Helm charts to get a better understanding as to how secure the composable Kubernetes ecosystem is.
State of open-source Terraform security
We analyzed the open source Terraform Registry to gauge its
current security and compliance posture.