Open Source
This section describes open source projects created, maintained and supported by Bridgecrew.
| Project | Description | Related projects | Language | License |
|---|---|---|---|---|
| Checkov | Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew. | GitHub Action VSCODE Extension | Python | Apache License 2.0 |
| Yor | Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it. | GitHub Action | Go | Apache License 2.0 |
| AirIAM | Least privilege AWS IAM Terraformer. | Python | Apache License 2.0 | |
| TerraGoat | TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | HCL | Apache License 2.0 | |
| CFNGoat | Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | YAML | Apache License 2.0 | |
| CDKGoat | CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. | Python | Apache License 2.0 | |
| Helm Scanner | Open source IaC security scanner for public Helm charts. | Python | Apache License 2.0 | |
| BicepGoat | "Vulnerable by Design" Bicep repository. | Bicep | Apache License 2.0 | |
| KustomizeGoat | "Vulnerable by Design" Kustomize repository. | Dockerfile | Apache License 2.0 | |
| SupplyGoat | "Vulnerable by Design" Supply Chain repository. | Ruby, HCL | Apache License 2.0 |
Updated 12 months ago