Topic: checkov

New CI/CD configuration policies added to Checkov

Checkov, the open-source tool for finding infrastructure misconfigurations, has been updated with new CI/CD configuration policies. These policies can be applied across popular CI/CD frameworks like GitHub Actions, GitLab Runners, BitBucket Pipelines, CircleCI, and Argo.  Checkov has a developer-first approach to supply chain security, so it embeds these CI/CD policies directly into existing DevOps workflows … continue reading

Checkov 2.0 now available with new Dockerfile scanner

Bridgecrew has announced the release of Checkov 2.0. Checkov is a static code analysis tool specifically designed for Infrastructure as Code (IaC).  “Policies that take into account interdependencies within IaC are critical to understanding the impact of misconfigurations,” said Rob Eden, senior engineer and Checkov contributor. “It’s not enough to know that a security group … continue reading

DMCA.com Protection Status