added

GitHub integration 🐱

Posted by Guy Eisenkot about a year ago

Bridgecrew now integrates directly with GitHub and can be found in the GitHub Marketplace. It enables scanning infrastructure as code files stored in GitHub repositories. It also supports opening pull request to fix issues and include additions or replacements of missing or misconfigured arguments.

added

CloudFormation scanning 📦

Posted by Guy Eisenkot about a year ago

Bridgecrew performs a static code analysis on CloudFormation templates. CloudFormation scanning supports the evaluation of variables.

added

Secrets scanning 🗝️

Posted by Guy Eisenkot about a year ago

Bridgecrew now scans for AWS credentials in EC2 user data, Lambda environment variables, and Terrafrom providers.

added

Compliance reports 🏛️

Posted by Guy Eisenkot about a year ago

Export or download assessment reports for proof of security posture across accounts and repos. Reports include detailed controls and their status, failed resources as well as suppressions. Reports currently support the following benchmarks: NIST-800, PCI-DSS, SOC2, and HIPAA.

added

SSO & SAML 🔐

Posted by Guy Eisenkot about a year ago

Sign in to your Bridgecrew account using a Google/GitHub SSO identity or configure an Okta/OneLogin SAML integration. https://www.bridgecrew.cloud/integrations/saml

added

Cloud infra dashboard 📊

Posted by Guy Eisenkot about a year ago

With Bridgecrew’s intuitive dashboard, it’s easy to see and filter passed and failed checks across accounts and repos. Resource checks are grouped by category, showing trends for individual resources over a given timeframe. Download any view of your dashboard to PDF report.

added

Terraform scanning 🔒

Posted by Guy Eisenkot about a year ago

Bridgecrew performs static code analysis on Terraform infrastructure-as-code files. Including scans for over 100 policies, they cover security and compliance best practices for AWS, Azure, and Google Cloud. Terraform scanning supports the evaluation of variables and inline suppression of accepted risks or false-positives to reduce recurring scan failures.

added

Network graph 📡

Posted by Guy Eisenkot about a year ago

Access a complete AWS networking snapshot graph built dynamically based on AWS APIs. Networking sections are segmented based on AWS networking conventions (organizations, accounts, subnets, VPCs and individual compute resources). Select a visualization type from the icons at the bottom of the screen.

added

Access graph 📊

Posted by Guy Eisenkot about a year ago

Get insight into all existing cross-account-access relationships granted by a subject account. Cross account access telemetry is pulled from AWS APIs and describes the level of access each external account is given.