Welcome!

In this workshop, you’ll learn how to leverage infrastructure as code (IaC) and DevSecOps to automate your cloud security efforts. If you’re interested in making cloud security more efficient, proactive, and accessible to developers, this workshop is for you!

Using Bridgecrew, GitHub, AWS CodeBuild, and AWS CodePipeline, you’ll get hands-on experience implementing an automated CloudFormation security and compliance workflow.

Learning Objectives

  • Overview of DevSecOps and CloudFormation infrastructure as code (IaC)
  • Getting started with Bridgecrew to scan for CloudFormation misconfigurations
  • Setting up your CI/CD pipeline to automate security scanning and policy enforcement
  • Fixing IaC security errors and AWS resource misconfigurations with Bridgecrew

Before we dive in, let’s go through a refresher on the core concepts explored in this workshop.