Users can now speed up the development of custom policies by cloning and modifying one of our over 50 YAML-based policies. In the Policies screen, find a YAML-based policy, click on the three dots, and clone. This will provide you with a new policy copied from that existing policy.
The Checkov plugin scans IaC templates for misconfigurations as you code in JetBrains products such as IntelliJ and PyCharm. Fix and skip suggestions are made on the resource block that violates any policies.
We’ve expanded suppression rule functionality and made several improvements to make managing suppression rules easier across the Bridgecrew platform.
If an onboarded repository contains one or more Dockerfiles, Bridgecrew will automatically build those images and scan them for package vulnerabilities and compliance violations. Violations will be surfaced in the Projects page.
We've added 40 new policy fixes across AWS, Azure and GCP. Now if Bridgecrew spots these misconfigurations, the platform will suggest a fix in PR comments, VS Code, and as PR fixes in the platform.
Bridgecrew’s Bitbucket Server integration now includes bot generated pull request quality reports to provide misconfiguration guidance in context. Once a Bitbucket Server repo is added to Bridgecrew, all new pull requests will include reports with policy violations and severity levels. Also, the results are graph based, so reports will be based on rendered variables and modules.
With this new feature, Bridgecrew users can easily activate Yor tagging and tracing by enabling the Tagging Bot on the Code Repository Settings page.
Terraform Cloud (TFC) users can now use the new Run Tasks feature (currently beta) to have Bridgecrew scan every new plan they run in TFC. The task provides a simple status for the run with a summary and a link to a Bridgecrew Code Reviews page.
We’ve made Bridgecrew integrations easier to add, find, and manage. Our latest update includes an integration catalog, integration grid, integration wizards.