Open Source

This section describes open source projects created, maintained and supported by Bridgecrew.

ProjectDescriptionRelated projectsLanguageLicense
CheckovPrevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.GitHub Action

VSCODE Extension
PythonApache License 2.0
YorExtensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.GitHub ActionGoApache License 2.0
AirIAMLeast privilege AWS IAM Terraformer.PythonApache License 2.0
TerraGoatTerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.HCLApache License 2.0
CFNGoatCfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.YAMLApache License 2.0
CDKGoatCdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.PythonApache License 2.0
Helm ScannerOpen source IaC security scanner for public Helm charts.PythonApache License 2.0
BicepGoat"Vulnerable by Design" Bicep repository.BicepApache License 2.0
KustomizeGoat"Vulnerable by Design" Kustomize repository.DockerfileApache License 2.0
SupplyGoat"Vulnerable by Design" Supply Chain repository.Ruby, HCLApache License 2.0