Updates and recent posts about checkov..

Posts
Description

Activity

@devopslinks added a new tool Grype , 2 months, 3 weeks ago.

Activity

@kaptain added a new tool Hadolint , 2 months, 3 weeks ago.

Activity

@varbear added a new tool Bandit , 2 months, 3 weeks ago.

Activity

@devopslinks added a new tool JFrog Xray , 2 months, 3 weeks ago.

Activity

@devopslinks added a new tool OWASP Dependency-Check , 2 months, 3 weeks ago.

Activity

@varbear added a new tool pre-commit , 2 months, 3 weeks ago.

Activity

@devopslinks added a new tool GitGuardian , 2 months, 3 weeks ago.

Activity

@devopslinks added a new tool detect-secrets , 2 months, 3 weeks ago.

Activity

@devopslinks added a new tool Gitleaks , 2 months, 3 weeks ago.

Course

@eon01 published a course, 2 months, 3 weeks ago

Founder, FAUN.dev

DevSecOps in Practice

#AppSec #DevOps #DevSecO... #SecDevO... #Securit...

A Hands-On Guide to Operationalizing DevSecOps at Scale

Checkov, created by Bridgecrew (now part of Palo Alto Networks), is an open source policy-as-code scanner for infrastructure-as-code frameworks. It analyzes Terraform, Kubernetes manifests, CloudFormation, Serverless, ARM, Docker, and other IaC formats to detect security, compliance, and configuration issues. Checkov uses a large library of built-in policies mapped to standards like CIS, PCI, SOC2, and NIST, and supports custom policies written in Python or YAML. It integrates seamlessly with CI pipelines, Git repos, and developer workflows, helping teams enforce secure-by-default cloud configurations before deployment. Its coverage, speed, and extensibility make it a flagship tool in cloud DevSecOps.