Bridgecrew now connects to GitHub Enterprise. This enables GHE users to enable the Bridgecrew Application for GitHub and get - infrastrcuture-as-code scanning, inline fixes and automated pull requests to resolve issues.
You can now connect Bridgecrew to your Microsoft Azure subscriptions and Google Cloud projects and detect misconfigurations across your clouds. Over 100 community contributed policies are added in this release to cover primary configuration settings for Logging, Networking, IAM, Encryption, and others.
With this latest release of compliance benchmark reporting we're adding support for all common industry reporting and compliance standards, including:
With this change we've added the ability to run the Bridgecrew Cloud scanner within your Kubernetes clusters as a cron job to scan for insecure Kubernetes resource configuration. The results are sent back to Bridgecrew Cloud via API where you can review results, correlate with build time manifests, and plan remediation.
If you're managing an infrastructure-as-code pipeline you know that trying to lock down environments from manual changes is very challenging. We're adding Manual configuration changes alerts, based on CloudTrail events to help you track those changes quickly.
Integrating Bridgecrew with Bitbucket now includes pull-request scan results within the PR view. Utilizing the Code Insights API Bridgecrew now presents important development information directly on pull requests inside the product, This enables you to proactively diagnose potential issues, shorten test cycles, and improve code quality.
Our new bi-directional integration with Jira Cloud enables creating a new user story with all the information required to respond to a recently found misconfiguration.
Reporting Bridgecrew incidents directly into Splunk is now available using a new webhook connector. This integration enables teams using Splunk for alerting, dashborading and reporting to receive Bridgecrew notifications in real time and act quickly to resolve them.
Bridgecrew now inspects Kubernetes configuration files as well as Terraform files that define Kubernetes workloads and identifies configuration errors documented in the documented in the CIS Kubernetes Benchmark. This scanning module supports self-managed clusters, as well as managed Kubernetes engines such as GKE, EKS and AKS.
Bridgecrew integrates with Bitbucket Cloud and is listed on the Bitbucket marketplace. It enables scanning infrastructure as code files stored in Bitbucket repositories.