Shortly after coming out of stealth mode with $18M in funding, Bridgecrew drops new product integrations to put cloud security in the hands of developers.
Bridgecrew transforms how teams secure their public cloud by embedding infrastructure security earlier in development lifecycles. With new run-time and build-time integrations, Bridgecrew equips developers with automated fixes for cloud security issues—and delivers them as code.
Public cloud security posture in run-time
Bridgecrew connects seamlessly to cloud environments with run-time scanning for AWS, Azure, and Google Cloud.
As teams expand their cloud footprints, Bridgecrew automatically identifies run-time issues that expose them to risk. But unlike compliance and reporting tools, Bridgecrew comes fully equipped with automated playbooks to correct misconfigured resources.
Infrastructure-as-code and workload protection in build-time
Infrastructure-as-code allows teams to provision cloud workloads at scale, presenting both a challenge and opportunity when it comes to security. Bridgecrew helps teams keep infrastructure-as-code secure by scanning for issues in Kubernetes, Terraform, and AWS CloudFormation.
Bridgecrew also provides fixes at the infrastructure-as-code level—developers can open pull requests through version control system integrations with GitHub and Bitbucket or run code in their local environments.
Developer ecosystem integrations
In addition to providing cloud security posture visibility and automated remediations, Bridgecrew prevents cloud misconfigurations through CI/CD pipeline integrations with GitHub Actions, CircleCI, and Jenkins.
Teams get cloud security monitoring as part of every build, ensuring that misconfigurations aren’t unknowingly deployed. Ecosystem integrations with Jira, Splunk, and Slack provide real-time alerts where developers need them.
Open-source software is key to Bridgecrew’s platform and its mission to advance the codified cloud security movement. Their engineering team supports community-led projects and develop their own tools:
- Checkov, a static analysis tool for infrastructure-as-code
- AirIAM, a least-privilege automation framework for AWS IAM
- TerraGoat, a “vulnerable-by-design” Terraform security training tool
To empower developers to take a hands-on role in securing their public cloud infrastructure, Bridgecrew’s free Community plan now includes both scanning and remediations. Learn more and start for free at bridgecrew.io.