Cloud DevSecOps with Bridgecrew and CloudFormation

Learn how to codify your AWS security with Bridgecrew for CloudFormation. From scanning infrastructure as code (IaC) for security misconfiguration to implementing automated DevSecOps workflows with CodeBuild, you’ll get hands-on experience shifting cloud security left.

We’ll use our AWS Modernization Workshop as a guide to walk through:

• An overview of DevSecOps and CloudFormation infrastructure as code (IaC)
• Getting started with Bridgecrew to scan for CloudFormation misconfigurations
• Setting up CodeBuild to automate security scanning and policy enforcement
• Fixing IaC security errors and AWS resource misconfigurations with Bridgecrew

Know before you go:

To get the most out of this tutorial, please come prepared with the following prerequisites. It will also be helpful to have a basic understanding of git, AWS core concepts (IAM, regions, UI, CLI, APIs), and CI/CD principles. The workshop will utilize AWS Event Engine and Cloud9 IDE, which attendees will get AWS credits to apply to their AWS account to cover the cost of the dev day AWS resources.