CLI autocompletion for Checkov with Fig 💜

Checkov has been added to Fig, a visual autocomplete utility for iTerm, Hyper, VSCode, and macOS Terminal. For Fig users, this addition makes it even easier and faster to use Checkov in the command line with completions as you type.

improved

Smart fixes are now available for PR scans 💬

Smart Fixes will now show up as suggestions in PR comments and can be viewed on the Projects page for PR branches.

added

OCI and OpenStack support as part of 53 new policies 🛂

Bridgecrew added 53 new out-of-the-box policies across multiple resource types and providers.
New additions also include support for Oracle Cloud Infrastructure (OCI) Terraform resources and for OpenStack secrets and Terraform resources.

added

Kubernetes custom policies ✏️

Users can now add custom Kubernetes policy files in the Visual Editor and Code Editor. Our most recent update to Checkov generates a graph for Kubernetes manifests and Helm charts. This allows Checkov to check policies against that graph.

added

Yor adds Dry Run to preview tags 📝

You can now perform a dry run to preview all of the tags that Yor will add. When you run yor tag -d . --dry-run, the CLI outputs the tags that would be added without making any changes to your IaC files. Running yor . will add those tags to your files.

Introducing Incidents 2.0 for faster runtime exploration 🔥

Runtime security alerts are your top priorities. Reviewing and prioritizing incidents, including non-compliant resources, based solely on severity and benchmarks is not enough without the context of the resource associated with a specific policy. Bridgecrew now offers advanced capabilities on our Incidents 2.0 page. Explore, manage, and fix your open runtime incidents across cloud providers (AWS, Azure, GCP) and Kubernetes workloads faster with our revamped navigation and visualizations.

added

Log4Shell prevention rules for AWS, Azure, and GCP added ⚠️

Using a vulnerable version of the Apache Log4j library might enable attackers to exploit a Lookup mechanism that enables remote code execution. We’ve added rules to check that your cloud WAFs have the right signatures in place to prevent Log4j exploits (also known as Log4Shell). We’ve added the following policies:

improved

Azure Repos PR Comments upgrade 🚀

Onboarded Azure Repos now automatically receive comments with misconfiguration feedback on every new pull request. These comments include details about the IaC policy violations, their severities, policy descriptions, how to fix them, and relevant benchmarks.

added

Smart Fixes for repo-sourced fix suggestions 🧠

Bridgecrew added Smart Fixes. Frequent fixes for the same policy committed to your repositories will automatically be suggested on the Projects page the next time you violate that policy.

added

Bridgecrew Terraform Provider ⚒️

We’ve launched our official Bridgecrew Terraform provider. With the new provider you can: