Bridgecrew
Bridgecrew automates the identification and remediation of misconfigurations in cloud infrastructure, leveraging its open-source tool Checkov for static analysis of IaC templates.
Category | DevSecOps & Pipeline Security |
---|---|
Last Commit | 1 year ago |
Last page update | 19 days ago |
Pricing Details | Pricing tiers range from $99 to $540,000 per year based on resource count and features. |
Target Audience | DevOps teams, security teams, and organizations using cloud infrastructure. |
Bridgecrew secures cloud infrastructure by automating the identification and remediation of misconfigurations in infrastructure-as-code (IaC) templates and runtime environments. The platform uses its open-source tool, Checkov, to perform static analysis on IaC templates such as Terraform, CloudFormation, Kubernetes, and more. This analysis is integrated across the development lifecycle, including IDEs, version control systems (VCS), and continuous integration/continuous deployment (CI/CD) pipelines.
Technically, Bridgecrew scans cloud resources on AWS, Azure, and GCP through read-only API calls, and each resource type (e.g., EC2, RDS, Virtual Machines) counts towards the overall resource limit. The platform generates remediation playbooks that can be automated within CI/CD workflows, so that security policies are enforced early and consistently. It also provides real-time feedback and fix suggestions directly within developers' workflows, reducing noise and ticket volume for security and development teams.
Operationally, Bridgecrew requires careful management of resource limits, as each cloud workload is counted towards the subscription tier (Standard, Pro, Enterprise). The platform integrates with tools such as GitHub, GitLab, Jenkins, and CircleCI, allowing seamless scanning and remediation of IaC misconfigurations. However, the cost of managing large-scale deployments can be significant, with pricing tiers ranging from $99 to $540,000 per year, depending on the number of resources and features required.
Policy enforcement is handled by Checkov, which ships with hundreds of out-of-the-box policies across different template types and providers. The platform also supports custom policy creation and integrates with notification tools like Slack, Splunk, and Jira for incident management. Overall, Bridgecrew's approach ensures a proactive and automated security posture, embedding security best practices deeply into the DevOps lifecycle.