-
checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
Python ★ 8.8k 5d agoExplain → -
terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
HCL ★ 1.3k 11mo agoExplain → -
yor
Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.
Go ★ 927 3h agoExplain → -
AirIAM
Least privilege AWS IAM Terraformer
Python ★ 824 1y agoExplain → -
checkov-action
This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
HCL ★ 307 10d agoExplain → -
cfngoat
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
★ 97 1y agoExplain → -
helm-scanner
Open source IaC security scanner for public Helm charts
Python ★ 90 4y agoExplain → -
bridgecrew-action
This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.
★ 73 1y agoExplain → -
checkov-vscode ▣
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework, and other infrastructure-as-code-languages with Checkov by Bridgecrew in your VSCODE IDE.
TypeScript ★ 70 1y agoExplain → -
cdkgoat
CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Python ★ 48 3y agoExplain → -
kustomizegoat
Vulnerable Kustomize Kubernetes templates for training and education
HTML ★ 48 4y agoExplain → -
terraform-aws-session-manager
Terraform module for deploying AWS Session Manager
HCL ★ 43 2y agoExplain → -
terraform-aws-route53-backup-restore
A module that backs up and restores route53 zones and records
Python ★ 21 2y agoExplain → -
redshirts
No description.
TypeScript ★ 20 1y agoExplain → -
yor-action
Github action for Yor
TypeScript ★ 15 1y agoExplain → -
HowCrew
Super-powered know how tools for AWS and GCP cloud security
Python ★ 14 3y agoExplain → -
whorf
No description.
Python ★ 13 11d agoExplain → -
terraformer ⑂
CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code
Go ★ 12 2y agoExplain → -
prowler ⑂
AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark and DOZENS of additional checks including GDPR and HIPAA (+100). Official CIS for AWS guide: https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf
Shell ★ 12 4y agoExplain → -
bridgecrew-orb
This CircleCI Orb Action runs Bridgecrew analysis of Infrastructure-as-Code repository. Bridgecrerw performs static security analysis of Terraform, CloudFormation and Kubernetes Infrastructure code security
★ 11 4y agoExplain → -
supplygoat ⑂
"Vulnerable by Design" supply chain is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Ruby ★ 11 1y agoExplain → -
cdk-validator-checkov
AWS CDK policy validation plugin powered by checkov
TypeScript ★ 10 2y agoExplain → -
jsonpath-ng
Finally, a JSONPath implementation for Python that aims to be standard compliant. That's all. Enjoy it.
Python ★ 9 2y agoExplain → -
bicepgoat
BicepGoat is Bridgecrew's "Vulnerable by Design" Bicep and ARM repository. BicepGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Bicep ★ 9 2y agoExplain → -
detect-secrets ⑂
An enterprise friendly way of detecting and preventing secrets in code.
Python ★ 8 3mo agoExplain → -
terraform-provider-bridgecrew ▣
USE https://github.com/paloaltonetworks/terraform-provider-bridgecrew
Go ★ 6 3y agoExplain → -
cloud-security-notebooks
Jupyter notebooks of various cloud security subjects
Jupyter Notebook ★ 6 6y agoExplain → -
aws-collect-unused-security-groups
Track unused security groups of an AWS account over period of time with control of the interval to sample the security groups
JavaScript ★ 6 3y agoExplain → -
python-hcl2 ⑂
No description.
Python ★ 5 11mo agoExplain → -
terraform-aws-secured-postgresql-rds
A Terraform module to create an Amazon Web Services (AWS) PostgreSQL Relational Database Server (RDS) in a VPC, NAT implementing security best practices.
HCL ★ 5 3y agoExplain → -
cloudmapper ⑂
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
JavaScript ★ 4 1y agoExplain → -
aws-modernization-workshop-bridgecrew
No description.
HTML ★ 4 3y agoExplain → -
bridgecrew-kubernetes
Resources for Kubernetes
★ 4 3y agoExplain → -
terraform-aws-bridgecrew-read-only
Bridgecrew READ ONLY integration module
HCL ★ 4 3y agoExplain → -
terraform-aws-bridgecrew-cloudtrail
Integrate your AWS account Cloudtrail with Bridgecrew
HCL ★ 4 4y agoExplain → -
bridgecrew-integrations
Integrations that supported by Bridgecrew. Each integration collect data from different sensors and send the log data to Bridgecrew
HCL ★ 4 5y agoExplain → -
kubernetes-goattest ⑂
Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster.
★ 3 2y agoExplain → -
WHP_IaC_Scanning
A repository for the We Hack Purple mini-course on IaC scanning with Checkov. (https://checkov.io)
HCL ★ 3 4y agoExplain → -
checkov-jetbrains-ide ▣
Checkov is a static code analysis tool for infrastructure as code.The Checkov Plugin for Intellij enables developers to get real-time scan results, as well as inline fix suggestions as they develop cloud infrastructure.
Kotlin ★ 3 2y agoExplain → -
onelogin-python-aws-assume-role ⑂
No description.
Python ★ 3 5y agoExplain → -
aws-nuke ⑂
Nuke a whole AWS account and delete all its resources.
Go ★ 3 2y agoExplain → -
terraform-azurerm-bridgecrew-azure-read-only
Read Only module to connect Azure subscriptions to https://bridgecrew.cloud
HCL ★ 3 3y agoExplain → -
terragoat-new-bc ⑂
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
★ 2 10mo agoExplain → -
terraform-google-bridgecrew-gcp-read-only
Connecting your GCP project to Bridgecrew
HCL ★ 2 5y agoExplain → -
prisma-cloud-vscode-plugin ▣
No description.
TypeScript ★ 2 1y agoExplain → -
aws-codebuild-extras ⑂
Add extra information of your AWS CodeBuild build via environment variables.
★ 2 7y agoExplain → -
sample-custom-checks
Example custom checks to use with the Checkov CLI.
Python ★ 2 4y agoExplain → -
bc-toolbox
Bridgecrew utility scripts and more.
JavaScript ★ 2 2y agoExplain → -
bc-pipeline-utils
utils for jenkins pipelines
Groovy ★ 2 3y agoExplain → -
terraform-aws-bridgecrew-remediation
No description.
HCL ★ 2 5y agoExplain → -
bridgecrew-py
No description.
Shell ★ 1 2mo agoExplain → -
prisma-cloud-jetbrains-ide ▣
The Prisma cloud Plugin for Intellij enables developers to get real-time scan results, as well as inline fix suggestions as they develop cloud infrastructure.
Kotlin ★ 1 1y agoExplain → -
iam-alerting-cleanup
No description.
Python ★ 1 5y agoExplain → -
fluentd-dlp
No description.
Dockerfile ★ 1 6y agoExplain → -
docker-syslog-integration
No description.
JavaScript ★ 1 4y agoExplain → -
checkov-pre-receive-hooks
No description.
Shell ★ 1 3y agoExplain → -
cloudsplaining ⑂
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
JavaScript ★ 1 4y agoExplain → -
yor-choco
No description.
PowerShell ★ 0 3y agoExplain → -
code2cloud_cas_qa ⑂
No description.
HCL ★ 0 7mo agoExplain → -
gha-reusable-workflows
Collection of GitHub Actions reusable workflows
★ 0 1y agoExplain → -
yor-theme ⑂
No description.
HTML ★ 0 1y agoExplain → -
homebrew-tap
No description.
Ruby ★ 0 1y agoExplain → -
prisma-cloud-ide-issues
This repository is the place to post issues you face while using the various IDE plugins offered by Prisma Cloud
★ 0 1y agoExplain → -
checkov-theme ⑂
No description.
CSS ★ 0 2y agoExplain → -
seaweedfs ⑂
SeaweedFS is a fast distributed storage system for blobs, objects, files, and data lake, for billions of files! Blob store has O(1) disk seek, cloud tiering. Filer supports Cloud Drive, cross-DC active-active replication, Kubernetes, POSIX FUSE mount, S3 API, S3 Gateway, Hadoop, WebDAV, encryption, Erasure Coding.
Go ★ 0 2y agoExplain → -
semgrep ⑂ ▣
A fork of the original semgrep
OCaml ★ 0 3y agoExplain → -
checkov-theme-2
No description.
HTML ★ 0 2y agoExplain → -
terraform-aws-apigateway-cors ⑂ ▣
Terraform module that sets up CORS
HCL ★ 0 6y agoExplain → -
checkov-orb ▣
No description.
★ 0 6y agoExplain → -
terragoat-pc ⑂ ▣
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
★ 0 3y agoExplain → -
react-diff-viewer ⑂
A simple and beautiful text diff viewer component made with Diff and React.
TypeScript ★ 0 2y agoExplain → -
serverless-plugin-include-dependencies
No description.
JavaScript ★ 0 2y agoExplain → -
dynamic-policy-updater ⑂
No description.
HCL ★ 0 3y agoExplain → -
former2 ⑂
Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.
JavaScript ★ 0 2y agoExplain → -
serverless-layers ⑂
Serverless.js plugin that implements AWS Lambda Layers which reduces drastically lambda size, warm-up and deployment time.
JavaScript ★ 0 3y agoExplain → -
yq ⑂
yq is a portable command-line YAML processor
★ 0 4y agoExplain → -
TFE-sentinel-policy-set
No description.
HCL ★ 0 4y agoExplain → -
TFC-sentinel-policy-set
No description.
HCL ★ 0 4y agoExplain → -
terraform-aws-security-group ⑂
Terraform module which creates EC2-VPC security groups on AWS
★ 0 4y agoExplain → -
bridgecrew-test
No description.
HTML ★ 0 4y agoExplain → -
codifiedsecurity-landing
Landing page for #CodifiedSecurity community slack
★ 0 4y agoExplain → -
action-pull-request-another-repo ⑂
Action for create pull request in another repository
Shell ★ 0 4y agoExplain → -
goformation ⑂
GoFormation is a Go library for working with CloudFormation templates.
Go ★ 0 4y agoExplain → -
goserverless ⑂
Consider it goformation for the serverless project
Go ★ 0 5y agoExplain → -
go-terraform ⑂
Golang wrapper for the terraform CLI tool
Go ★ 0 5y agoExplain → -
gimme-aws-creds ⑂
A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
Python ★ 0 5y agoExplain → -
terraform-modules ⑂
Terraform modules for Fyde products
HCL ★ 0 5y agoExplain → -
ansible-aws-bridgecrew-read-only
Ansible playbook to register Bridgecrew platform on an AWS account
HTML ★ 0 5y agoExplain → -
hugo-theme-learn ⑂
Porting Grav Learn theme to Hugo
★ 0 5y agoExplain → -
terraform-aws-s3-bucket ⑂
Terraform module that creates an S3 bucket with an optional IAM user for external CI/CD systems
★ 0 5y agoExplain → -
terraform ⑂
Terraform enables you to safely and predictably create, change, and improve infrastructure. It is an open source tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
★ 0 3y agoExplain → -
terraform-aws-s3-log-storage ⑂
This module creates an S3 bucket suitable for receiving logs from other AWS services such as S3, CloudFront, and CloudTrail
★ 0 5y agoExplain → -
curator ⑂
Curator: Tending your Elasticsearch indices
Python ★ 0 5y agoExplain → -
azure-arm ⑂
No description.
★ 0 5y agoExplain → -
slackin-extended ⑂
Public Slack organizations made easy (extended fork of rauchg/slackin)
★ 0 5y agoExplain → -
terraform-aws-eks ⑂
Terraform module to create an Elastic Kubernetes (EKS) cluster and associated worker instances on AWS
★ 0 4y agoExplain → -
aws-api-gateway-developer-portal ⑂
A Serverless Developer Portal for easily publishing and cataloging APIs
JavaScript ★ 0 2y agoExplain → -
LambdaGuard ⑂
LambdaGuard: AWS Serverless Security
★ 0 6y agoExplain → -
arnparse ⑂
Parse ARNs using Python
★ 0 6y agoExplain → -
terraform-pci-starter ⑂
PCI Deployable Architecture on GCP with Terraform
HCL ★ 0 6y agoExplain →
No repos match these filters.