Bridgecrew can now scan CloudFormation templates generated using the AWS Cloud Development Kit (CDK). You can even report violations at build time straight to the Bridgecrew platform to be visible in the application.
If you are using to GitLab to host your infrastructure-as-code, you can now connect them directly to Bridgecrew and scan them for security and compliance misconfigurations.
ARM templates allow users to create and deploy Azure infrastructure using a declarative syntax. It supports most native Azure services, including virtual machines, network infrastructure, storage systems.
The Serverless Framework provides the tools needed to deploy AWS Lambda functions, along with other AWS infrastructure resources they require.
Bridgecrew now connects to GitHub Enterprise. This enables GHE users to enable the Bridgecrew Application for GitHub and get - infrastrcuture-as-code scanning, inline fixes and automated pull requests to resolve issues.
You can now connect Bridgecrew to your Microsoft Azure subscriptions and Google Cloud projects and detect misconfigurations across your clouds. Over 100 community contributed policies are added in this release to cover primary configuration settings for Logging, Networking, IAM, Encryption, and others.
With this latest release of compliance benchmark reporting we're adding support for all common industry reporting and compliance standards, including:
With this change we've added the ability to run the Bridgecrew Cloud scanner within your Kubernetes clusters as a cron job to scan for insecure Kubernetes resource configuration. The results are sent back to Bridgecrew Cloud via API where you can review results, correlate with build time manifests, and plan remediation.
If you're managing an infrastructure-as-code pipeline you know that trying to lock down environments from manual changes is very challenging. We're adding Manual configuration changes alerts, based on CloudTrail events to help you track those changes quickly.