Repositories list

• checkov

  Public
  Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

  kubernetesawsdevops+ 10cloudformationazureterraformstatic-analysisgcpinfrastructure-as-codescans+ 3

  Python

  •

  Apache License 2.0

  •1.1k•7.2k•170•61•Updated Nov 24, 2024Nov 24, 2024

• whorf

  Public
  Python

  •1•10•3•3•Updated Nov 21, 2024Nov 21, 2024

• bridgecrew-py

  Public
  Shell

  •0•1•0•5•Updated Nov 21, 2024Nov 21, 2024

• checkov-action

  Public
  This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

  marketplacestatic-analysisscanning+ 6hacktoberfestbridgecrewsecurityterraformcompliancedevsecops

  HCL

  •

  Apache License 2.0

  •100•246•26•2•Updated Nov 21, 2024Nov 21, 2024

• detect-secrets

  Public
  An enterprise friendly way of detecting and preventing secrets in code.

  Python

  •

  Apache License 2.0

  •477•5•1•10•Updated Nov 21, 2024Nov 21, 2024

• yor

  Public
  Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.

  cloudcloudformationserverless+ 7taggingiachacktoberfestcloudsecuritydevopsterraforminfrastructure-as-code

  Go

  •

  Apache License 2.0

  •124•834•2•6•Updated Nov 18, 2024Nov 18, 2024

• prisma-cloud-ide-issues

  Public
  This repository is the place to post issues you face while using the various IDE plugins offered by Prisma Cloud

  0•0•0•0•Updated Nov 6, 2024Nov 6, 2024

• prisma-cloud-vscode-plugin

  Public archive
  TypeScript

  •

  Apache License 2.0

  •3•2•4•2•Updated Nov 6, 2024Nov 6, 2024

• prisma-cloud-jetbrains-ide

  Public archive
  The Prisma cloud Plugin for Intellij enables developers to get real-time scan results, as well as inline fix suggestions as they develop cloud infrastructure.

  Kotlin

  •

  Apache License 2.0

  •0•1•1•10•Updated Nov 6, 2024Nov 6, 2024

• checkov-vscode

  Public archive
  Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework, and other infrastructure-as-code-languages with Checkov by Bridgecrew in your VSCODE IDE.

  kubernetescloudformationstatic-analysis+ 6serverless-frameworkvscode-extensionhacktoberfestcheckovterraformvscode

  TypeScript

  •

  Apache License 2.0

  •38•69•19•1•Updated Oct 27, 2024Oct 27, 2024

• python-hcl2

  Public
  Python

  •

  MIT License

  •56•5•0•4•Updated Oct 10, 2024Oct 10, 2024

• terragoat

  Public
  TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

  terraformaws-securitygoat+ 4devsecopscloud-securityazure-securitygcp-security

  HCL

  •

  Apache License 2.0

  •2.4k•1.2k•3•36•Updated Sep 13, 2024Sep 13, 2024

• terragoat-new-bc

  Public
  TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

  HCL

  •

  Apache License 2.0

  •2.4k•0•0•7•Updated Sep 13, 2024Sep 13, 2024

• cfngoat

  Public
  Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

  aws-securitycloudsecuritydevsecops+ 1cloudformation

  622•92•0•9•Updated Aug 5, 2024Aug 5, 2024

• homebrew-tap

  Public
  Ruby

  •4•0•1•0•Updated Aug 4, 2024Aug 4, 2024

• supplygoat

  Public
  "Vulnerable by Design" supply chain is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

  Ruby

  •

  Apache License 2.0

  •215•9•0•5•Updated Aug 1, 2024Aug 1, 2024

• yor-action

  Public
  Github action for Yor

  TypeScript

  •

  Apache License 2.0

  •21•16•0•9•Updated Apr 22, 2024Apr 22, 2024

• AirIAM

  Public
  Least privilege AWS IAM Terraformer

  aws-iamhacktoberfestaws-security+ 6aws-security-automationbridgecrewprivileges-modelawsterraformiam

  Python

  •

  Apache License 2.0

  •78•776•11•23•Updated Mar 13, 2024Mar 13, 2024

• terraformer

  Public
  CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code

  Go

  •

  Apache License 2.0

  •1.7k•11•0•9•Updated Mar 13, 2024Mar 13, 2024

• kubernetes-goattest

  Public
  Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster.

  HTML

  •

  MIT License

  •715•1•0•1•Updated Feb 15, 2024Feb 15, 2024

• gha-reusable-workflows

  Public
  Collection of GitHub Actions reusable workflows

  Apache License 2.0

  •1•0•0•5•Updated Feb 12, 2024Feb 12, 2024

• jsonpath-ng

  Public
  Finally, a JSONPath implementation for Python that aims to be standard compliant. That's all. Enjoy it.

  Python

  •

  Apache License 2.0

  •3•6•1•3•Updated Feb 5, 2024Feb 5, 2024

• checkov-jetbrains-ide

  Public archive
  Checkov is a static code analysis tool for infrastructure as code.The Checkov Plugin for Intellij enables developers to get real-time scan results, as well as inline fix suggestions as they develop cloud infrastructure.

  plugincheckovintellij+ 1intellij-plugin

  Kotlin

  •

  Apache License 2.0

  •0•3•2•15•Updated Jan 16, 2024Jan 16, 2024

• bc-toolbox

  Public
  Bridgecrew utility scripts and more.

  JavaScript

  •

  ISC License

  •2•2•0•2•Updated Jan 9, 2024Jan 9, 2024

• cdk-validator-checkov

  Public
  AWS CDK policy validation plugin powered by checkov

  TypeScript

  •

  Apache License 2.0

  •1•8•0•3•Updated Dec 1, 2023Dec 1, 2023

• bridgecrew-action

  Public
  This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

  githubmarketplacestatic-analysis+ 7actionsbridgecrewsecuritycompliancescanningdevsecopsgithub-actions

  MIT License

  •29•73•5•0•Updated Nov 30, 2023Nov 30, 2023

• terraform-aws-session-manager

  Public
  Terraform module for deploying AWS Session Manager

  HCL

  •

  Apache License 2.0

  •46•42•5•4•Updated Nov 17, 2023Nov 17, 2023

• checkov-theme-2

  Public
  HTML

  •3•0•0•29•Updated Nov 4, 2023Nov 4, 2023

• checkov-theme

  Public
  CSS

  •

  BSD 2-Clause "Simplified" License

  •4•0•0•5•Updated Nov 4, 2023Nov 4, 2023

• react-diff-viewer

  Public
  A simple and beautiful text diff viewer component made with Diff and React.

  TypeScript

  •

  MIT License

  •277•0•0•22•Updated Oct 27, 2023Oct 27, 2023