Updates and recent posts about checkov.
 Activity
@bridgecrewio started using tool checkov, 1 week, 6 days ago.
Course
@eon01 published a course, 1 week, 6 days ago
Founder, FAUN.dev

DevSecOps in Practice

TruffleHog Flask NeuVector detect-secrets pre-commit OWASP Dependency-Check Docker checkov Bandit Hadolint Grype KubeLinter Syft GitLab CI/CD Trivy Kubernetes

A Hands-On Guide to Operationalizing DevSecOps at Scale

 Activity
@eurogig started using tool checkov, 3 years, 4 months ago.
Story BridgeCrew Team
@bridgecrewio shared a post, 4 years, 3 months ago

Addressing Security Throughout the Infrastructure DevOps Lifecycle

checkov Visual Studio Code

No, this isn’t another post about the Secure Development Lifecycle. This is a practical post on why and how to address cloud security at each step of the infrastructure development lifecycle, from infrastructure as code in your IDE to running cloud resources.

Story BridgeCrew Team
@bridgecrewio shared a post, 4 years, 3 months ago

Applying Kubernetes security best practices to Helm charts

Helm Kubernetes - The Easier Way Docker checkov PostgreSQL

Helm charts are an easy way to package, version and deploy applications on Kubernetes. They can be used to deploy application services or even Kubernetes components and tools.

Story BridgeCrew Team
@bridgecrewio shared a post, 4 years, 3 months ago

Terraform Security 101: Best Practices for Secure Infrastructure as Code

Terraform checkov Kubernetes

Deploying and managing cloud resources is faster and easier than ever, and we have infrastructure as code (IaC) to thank for it. With IaC, tedious manual configurations and one-off scripts are things of the past. Instead, you manage infrastructure with code in much the same way you would applications and services. This infrastructure can be anything from servers and databases to networks, Kubernetes clusters, and entire application stacks.

Checkov, created by Bridgecrew (now part of Palo Alto Networks), is an open source policy-as-code scanner for infrastructure-as-code frameworks. It analyzes Terraform, Kubernetes manifests, CloudFormation, Serverless, ARM, Docker, and other IaC formats to detect security, compliance, and configuration issues. Checkov uses a large library of built-in policies mapped to standards like CIS, PCI, SOC2, and NIST, and supports custom policies written in Python or YAML. It integrates seamlessly with CI pipelines, Git repos, and developer workflows, helping teams enforce secure-by-default cloud configurations before deployment. Its coverage, speed, and extensibility make it a flagship tool in cloud DevSecOps.