Skip to content
@bridgecrewio

PANW AppSec

Secure cloud native applications and infrastructure

Pinned Loading

  1. checkov Public

    Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

    Python 7.4k 1.2k

  2. yor Public

    Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.

    Go 863 123

  3. terragoat Public

    TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into product…

    HCL 1.2k 5.4k

  4. AirIAM Public

    Least privilege AWS IAM Terraformer

    Python 788 79

  5. bridgecrew-action Public

    This GitHub Action runs Bridgecrew against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compl…

    74 29

  6. bridgecrew-orb Public

    This CircleCI Orb Action runs Bridgecrew analysis of Infrastructure-as-Code repository. Bridgecrerw performs static security analysis of Terraform, CloudFormation and Kubernetes Infrastructure code…

    11 4

Repositories

Showing 10 of 99 repositories
  • checkov Public

    Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

    Python 7,402 Apache-2.0 1,159 109 (2 issues need help) 62 Updated Mar 6, 2025
  • whorf Public
    Python 11 1 3 3 Updated Mar 6, 2025
  • bridgecrew-py Public
    Shell 1 0 1 5 Updated Mar 6, 2025
  • checkov-action Public

    This GitHub Action runs Checkov against infrastructure-as-code, open source packages, container images, and CI/CD configurations to identify misconfigurations, vulnerabilities, and license compliance issues.

    HCL 260 Apache-2.0 104 31 (1 issue needs help) 2 Updated Mar 6, 2025
  • detect-secrets Public Forked from Yelp/detect-secrets

    An enterprise friendly way of detecting and preventing secrets in code.

    Python 5 Apache-2.0 501 1 11 Updated Mar 5, 2025
  • gha-reusable-workflows Public

    Collection of GitHub Actions reusable workflows

    0 Apache-2.0 1 0 5 Updated Mar 5, 2025
  • yor Public

    Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.

    Go 863 Apache-2.0 123 1 8 Updated Mar 3, 2025
  • yor-theme Public Forked from sincspecv/yorn
    HTML 0 4 0 4 Updated Feb 26, 2025
  • homebrew-tap Public
    Ruby 0 4 1 0 Updated Feb 25, 2025
  • cloudmapper Public Forked from duo-labs/cloudmapper

    CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

    JavaScript 3 BSD-3-Clause 837 0 17 Updated Feb 2, 2025

People

This organization has no public members. You must be a member to see who’s a part of this organization.