Articles By: Bridgecrew

DevSecGuide to Infrastructure as Code

This guide outlines the challenges of leveraging DevSecOps to secure the cloud and highlights how infrastructure as code (IaC) makes it all possible. With research on the state of IaC security, advice for embracing a DevSecOps culture, and practical tips for embedding IaC security guardrails throughout the DevOps lifecycle, this guide is a worthwhile read for anyone interested in taking […]

Read more ›

DevSecGuide to Kubernetes

As the de facto container orchestrator, Kubernetes has undeniable benefits when it comes to building performant and scalable applications. Its complexity and flexibility can create security challenges, but when approached with DevSecOps, can provide an opportunity to automate security from the start. In this guide, we’ll explore the unique considerations Kubernetes presents for cloud-native application security and how to build […]

Read more ›

Software Supply Chain Security Checklist: 7 Rules for Protecting Your Components and Pipelines From Attack

Software supply chains are core to building and delivering cloud-native applications. They contain software components like open source packages and infrastructure as code (IaC) templates, as well as underlying delivery pipelines such as version control systems (VCS) and continuous integration / continuous delivery (CI/CD) pipelines. Because they have direct access to proprietary code and are just a few pivots away […]

Read more ›

Six Power Rules for Integrating Cloud Security and GitOps, A Checklist

When infrastructure as code (IaC) is paired with GitOps, DevOps teams can apply the same guidelines used to manage application code to infrastructure. The result is faster and more frequent deployment, better scalability, and increased predictability. GitOps also makes it easy to embed security scanning and guardrails throughout the entire development and delivery process. By integrating cloud security and GitOps, […]

Read more ›

How People.AI Reduced Cloud Configuration Issues by 97% | Case Study

People.ai relies heavily on Terraform and AWS for its cloud infrastructure. With over 10,000 resources in their infrastructure, gaining visibility and reducing security risks was proving to be difficult and time-consuming. As they constantly evolved their configured resources and scaled their cloud infrastructure footprint, they wanted to stay on top of best practices in keeping their environments secure. Download this […]

Read more ›

Secure Your Infrastructure From Code to Cloud | Bridgecrew Overview

Bridgecrew empowers teams to secure their infrastructure wherever it is using a developer-first approach. It helps enterprises to fix issues in code, automate processes, and streamline cloud security into developer workflows. Benefits of Bridgecrew include:• Cloud drift detection and automated remediation• Cloud DevOps tools and workflows• Infrastructure as code (IaC) scanning Download this overview to learn more about the security […]

Read more ›

Putting the Sec in DevSecOps | Talk Recording

Planning, provisioning, and changing infrastructure are vital to rapid cloud application development. Incorporating infrastructure-as-code into software development promotes transparency and immutability and helps prevent bad configurations upstream. In this session, we’ll embed infrastructure-as-code security into a set of Auto DevOps gitlab pipelines, highlighting a workflow for catching issues in frameworks such as Terraform, CloudFormation and Kubernetes right from the developers […]

Read more ›

Cloud DevSecOps With Bridgecrew and Terraform | Hands-on Workshop Recording

Gain hands-on experience with the help of experts from Bridgecrew and Hashicorp! From scanning infrastructure as code (IaC) for security misconfigurations to implementing automated DevSecOps workflows, this workshop will provide a hands-on experience to automate your cloud security. In this hands-on workshop, we’ll walk through:• An overview of DevSecOps and Terraform infrastructure as code (IaC)• Getting started with Bridgecrew to […]

Read more ›