AWS CDK CFN template scanning 📦

Posted by Guy Eisenkot 9 days ago

Bridgecrew can now scan CloudFormation templates generated using the AWS Cloud Development Kit (CDK). You can even report violations at build time straight to the Bridgecrew platform to be visible in the application.

added

GitLab integration 🐈

Posted by Guy Eisenkot 14 days ago

If you are using to GitLab to host your infrastructure-as-code, you can now connect them directly to Bridgecrew and scan them for security and compliance misconfigurations.

added

ARM template scanning 📦

Posted by Guy Eisenkot 28 days ago

ARM templates allow users to create and deploy Azure infrastructure using a declarative syntax. It supports most native Azure services, including virtual machines, network infrastructure, storage systems.

added

CLI Guide Links⚓

Posted by Guy Eisenkot about a month ago

If you use Checkov or Bridgecrew CLI to find and stop cloud misconfigurations during build processes, you'll love the neat little addition.

added

Serverless scanning⚡

Posted by Guy Eisenkot about a month ago

The Serverless Framework provides the tools needed to deploy AWS Lambda functions, along with other AWS infrastructure resources they require.

added

GitHub Enterprise🐱

Posted by Guy Eisenkot about a month ago

Bridgecrew now connects to GitHub Enterprise. This enables GHE users to enable the Bridgecrew Application for GitHub and get - infrastrcuture-as-code scanning, inline fixes and automated pull requests to resolve issues.

Azure & Google Cloud☁️

Posted by Guy Eisenkot about a month ago

You can now connect Bridgecrew to your Microsoft Azure subscriptions and Google Cloud projects and detect misconfigurations across your clouds. Over 100 community contributed policies are added in this release to cover primary configuration settings for Logging, Networking, IAM, Encryption, and others.

improved

Additional compliance benchmarks 🏛️

Posted by Guy Eisenkot about a month ago

With this latest release of compliance benchmark reporting we're adding support for all common industry reporting and compliance standards, including:

improved

K8 Cluster Workload scanning🐳

Posted by Guy Eisenkot 2 months ago

With this change we've added the ability to run the Bridgecrew Cloud scanner within your Kubernetes clusters as a cron job to scan for insecure Kubernetes resource configuration. The results are sent back to Bridgecrew Cloud via API where you can review results, correlate with build time manifests, and plan remediation.

added

Manual configuration changes 🛠️

Posted by Guy Eisenkot 2 months ago

If you're managing an infrastructure-as-code pipeline you know that trying to lock down environments from manual changes is very challenging. We're adding Manual configuration changes alerts, based on CloudTrail events to help you track those changes quickly.