So far, we’ve seen how Bridgecrew provides automation to help your developers block bad infrastructure PR’s, remediate current issues, and provide infrastructure security at each stage of the DevOps pipeline.
However, an often overlooked continuation of this process is to answer the “why”.
Automated tracing allows us to answer these questions easily, and compliments Checkov in our CI pipelines and the Bridgecrew policy integrations perfectly.
Bridgecrew’s new open source tool, yor.io enables automated code-to-cloud tracig of objects, by automatically and intelligently tagging infrastructure as code objets in your CI/CD pipeline.
This allows us to categorically understand which block of IaC created which cloud objects, when, where and how.
Lets take a quick trip into your, to round off our infrastructure security journey.