Codified cloud security resources

Everything you need to navigate through the Bridgecrew universe

Bridgecrew blog icon

Blog

Learn more about the codified cloud security movement and our platform.
Changelog icon

Changelog

Stay up to date with new Bridgecrew features and integrations.
Bridgecrew doc's icon

Docs

Learn how to get started with Bridgecrew and browse our policy library.

Workshops

Get hands-on experience codifying and automating your cloud security.

Research

Dive into our research on IaC security

2H 2021 Cloud Threat Report

We collaborated with Unit 42 to understand the part infrastructure and container security can play in supply chain attacks.

Kubernetes Helm chart security: Analyzing top findings and trends

We analyzed open-source Helm charts to get a better understanding as to how secure the composable Kubernetes ecosystem is.

State of open-source Terraform security

We analyzed the open source Terraform Registry to gauge its
current security and compliance posture.

Guides

Learn more about the codified security ecosystem

Supply Chain Security Checklist

Learn about the top seven risks facing software components and underlying delivery pipelines as well as best practices for preventing supply chain attacks.

DevSecGuide to Kubernetes

Learn how to leverage Kubernetes and IaC to embed security checks earlier in the DevOps lifecycle and build a Kubernetes-based DevSecOps strategy.

Cloud Security & GitOps Checklist

Discover six impactful guidelines for integrating cloud security and GitOps to accelerate release velocity while maintaining and improving your security posture.

DevSecGuide to IaC

Learn about the challenges of leveraging DevSecOps to secure the cloud and how infrastructure as code makes it all possible.

Webinars

See Bridgecrew in action

Cloud DevSecOps with Bridgecrew and Terraform

Learn how to shift left and automate your cloud security with Bridgecrew and HashiCorp Terraform in this hands-on workshop.

Workshop: Bridgecrew and Terraform

Learn how to codify your Terraform security with Bridgecrew from scanning files locally to implementing fully automated workflows.

Monthly Product Demo

Join us every month to see Bridgecrew in action. You’ll learn how to integrate Bridgecrew into your stack and workflow, and explore each part of the platform.

Workshop: Bridgecrew and Terraform

Learn how to codify your AWS security with Bridgecrew for CloudFormation and get hands-on experience shifting cloud security left.

GitOps and Cloud Security with AWS, Bridgecrew, and GitLab

Security leaders from AWS, Bridgecrew, and GitLab share best practices and a live demo for embedding cloud security into your GitOps processes.

Collaborating with DevOps to Automate Cloud Security at Scale

We join the security experts at AWS, Databricks, and Robinhood to discuss how and why security and DevOps teams should be working together to build scalable cloud security strategies.

Blog highlights

Exciting news bringing cloud security to everyone

We’re excited to announce Palo Alto Networks’ intent to acquire Bridgecrew to bring security-as-code and DevSecOps to Prisma Cloud.

Drift detection for Terraform Cloud

Detect and reconcile cloud infrastructure configuration drifts between AWS and Terraform Cloud in real-time with Bridgecrew drift detection.

2020 Year in Review

2020 was a year to remember for all of us at Bridgecrew. Our 2020 recap celebrates our accomplishments and gives thanks to all that contributed.

Bridgecrew Code Reviews

Review and fix newly identified IaC misconfigurations on every commit with Bridgecrew’s newest platform addition—Code Reviews!

Build an IaC security and governance program

Our strategy guide helps you determine where and how to enforce security controls to meet your goals without slowing your developers down.

Best practices for securing IAM on AWS

Pick up these best practices and tools for Identity and Access Management, a crucial component of cloud security.
Continue Reading Our Blog

Open source projects

We’re huge supporters of open source and are the proud creators and maintainers of several tools and training projects.

Scan your infrastructure as code repositories for misconfigurations. Checkov is open source and can be run locally or as part of your CI/CD pipeline.

AirIAM by Bridgecrew logo

Least privilege your AWS IAM automatically. AirIAM transforms existing configurations into a new right-sized Terraform template.

With built-in trace and attribution tags and the ability to write custom taggers, Yor helps with triaging incidents, risk management, cost allocation, and more.

Learn more about our OSS

Stay in touch

Slack

Join our CodifiedSecurity community on Slack to connect with other cloud security enthusiasts.
Bridgecrew on Twitch

Twitch

Chat with us live on Twitch at our community office hours, panels, and more.

Twitter

Follow us on Twitter to get a constant feed of industry news, Bridgecrew changelog updates, and new content.