Bridgecrew Drops New Developer-first Platform, Streamlines Infrastructure Security from Code to Cloud

Bridgecrew | June 09, 2020

  • Bridgecrew transforms how teams secure their public cloud by embedding infrastructure security earlier in development lifecycles.

  • With new run-time and build-time integrations, Bridgecrew equips developers with automated fixes for cloud security issues—and delivers them as code.

  • Infrastructure-as-code allows teams to provision cloud workloads at scale, presenting both a challenge and opportunity when it comes to security.


Bridgecrew transforms how teams secure their public cloud by embedding infrastructure security earlier in development lifecycles. With new run-time and build-time integrations, Bridgecrew equips developers with automated fixes for cloud security issues—and delivers them as code. Public cloud security posture in run-time Bridgecrew connects seamlessly to cloud environments with run-time scanning for AWS, Azure, and Google Cloud. As teams expand their cloud footprints, Bridgecrew automatically identifies run-time issues that expose them to risk.


But unlike compliance and reporting tools, Bridgecrew comes fully equipped with automated playbooks to correct misconfigured resources. Infrastructure-as-code and workload protection in build-time. Infrastructure-as-code allows teams to provision cloud workloads at scale, presenting both a challenge and opportunity when it comes to security. Bridgecrew helps teams keep infrastructure-as-code secure by scanning for issues in Kubernetes, Terraform, and AWS CloudFormation. Bridgecrew also provides fixes at the infrastructure-as-code level—developers can open pull requests through version control system integrations with GitHub and Bitbucket or run code in their local environments.



Read more: NEED FOR EASY IT INFRASTRUCTURE MANAGEMENT IS DRIVING THE ADVANCED STRUCTURED CABLING MARKET

Infrastructure-as-code allows teams to provision cloud workloads at scale, presenting both a challenge and opportunity when it comes to security, Bridgecrew helps teams keep infrastructure-as-code secure by scanning for issues in Kubernetes, Terraform, and AWS CloudFormation.

~ AWS CloudFormation


Developer ecosystem integrations. In addition to providing cloud security posture visibility and automated remediations, Bridgecrew prevents cloud misconfigurations through CI/CD pipeline integrations with GitHub Actions, CircleCI, and Jenkins. Teams get cloud security monitoring as part of every build, ensuring that misconfigurations aren't unknowingly deployed. Ecosystem integrations with Jira, Splunk, and Slack provide real-time alerts where developers need them. Open-source software is key to Bridgecrew's platform and its mission to advance the codified cloud security movement.


Their engineering team supports community-led projects and develop their own tools: Checkov, a static analysis tool for infrastructure-as-code. AirIAM, a least-privilege automation framework for AWS IAM. TerraGoat, a "vulnerable-by-design" Terraform security training tool To empower developers to take a hands-on role in securing their public cloud infrastructure, Bridgecrew's free Community plan now includes both scanning and remediations.


Bridgecrew also provides fixes at the infrastructure-as-code level—developers can open pull requests through version control system integrations with GitHub and Bitbucket or run code in their local environments.


Bridgecrew is the codified cloud security platform trusted by teams from Brex, DataBricks, OneMain Financial, and more. Founded in 2019 by industry leaders Idan Tendler, Barak Schoster Goihman, and Guy Eisenkot, Bridgecrew is based in San Francisco and is backed by top-tier VCs, including Battery Ventures, NFX, and Sorensen Ventures. and is backed by top-tier VCs, including Battery Ventures, NFX, and Sorensen Ventures. Bridgecrew’s developer-first solution allows DevOps and engineering teams to save critical time and money as they address these ongoing security tasks with just the click of a button.


Traditional cloud security tools merely detect gaps in infrastructure security, pushing open issues and violations to DevOps and engineering teams to resolve. This requirement of manual remediation means issues take days or weeks to resolve, leaving a company’s infrastructure vulnerable. It’s also become the main deterrent for companies implementing cloud security and migrating to the cloud. The automated technology is also well-suited for the age of COVID-19 and today’s volatile market environment in which many organizations are trying to automate security and DevOps processes to cut costs and become significantly more efficient.


Read more: CARTESI CREATES LINUX INFRASTRUCTURE FOR BLOCKCHAIN DAPPS

Spotlight

Discover why cloud is one of the most transformative technologies of our generation.

Spotlight

Discover why cloud is one of the most transformative technologies of our generation.

Related News

HYPER-CONVERGED INFRASTRUCTURE, APPLICATION STORAGE

Rambus Launches New 6400 MT/s DDR5 Registering Clock Driver

Rambus | February 02, 2023

On February 1, 2023, Rambus Inc., a provider of chip and silicon IP that make data faster and safer, announced that its new 6400 MT/s DDR5 Registering Clock Driver (RCD) is now available and sampling for major DDR5 memory module (RDIMM) manufacturers. The Rambus Gen3 6400 MT/s DDR5 Registering Clock Driver provides a 33% increase in data rate and bandwidth over the Gen1 4800 MT/s solutions, enabling data center servers to benefit from a new level of main memory performance. In addition, it offers streamlined timing parameters for increased RDIMM margins while providing industry-leading latency and power. Rambus DDR5 memory interface chips, consisting of the RCD, Temperature Sensors, and Signal Presence Detect (SPD) Hub, are essential for cutting-edge servers to achieve a new level of performance. More intelligence is incorporated into the RDIMMs with DDR5 memory, allowing for over 2x the data rate and 4x the capacity of DDR4 RDIMMs, while simultaneously enhancing memory and power efficiency. Rambus is highly regarded for its signal integrity (SI) and power integrity (PI) knowledge, With over 30 years of experience in high-performance memory. This expertise enables DDR5 memory interface chips to transmit command/address and clock signals from the host memory device to the RDIMMs with superior signal integrity. Sean Fan, Chief Operating Officer at Rambus, explained, "Data center workloads have an insatiable thirst for greater memory bandwidth and capacity, and our mission is to advance the performance of server memory solutions that meet this need for each new server platform generation." He added, "We were first in the industry to 5600 MT/s, and now we have raised the bar with our Gen3 DDR5 RCD capable of 6400 MT/s to support a new generation of RDIMMs for server main memory." (Source – Business Wire) About Rambus Rambus Based in San Jose, California, Rambus provides innovative software, hardware, and services that drive technological advancements from the mobile edge to the data centers. The company's architecture licenses, chips, IP cores, software, and services positively affect the modern world, from memory and interfaces to emerging technologies. Its partners include foundries, prominent chip and system designers, and service providers in the industry. Integrated into countless devices and systems, the firm's products and technologies secure and power various applications, such as Internet of Things (IoT) security, Big Data, and many others.

Read More

HYPER-CONVERGED INFRASTRUCTURE

GRC’s ElectroSafe Fluid Partner Program Gains Momentum with SK Enmove

GRC® | February 21, 2023

On February 20, 2023, GRC® (Green Revolution Cooling), the leading company in immersion cooling for data centers, announced Korea's leading lubricant company, SK Enmove's participation in GRC's ElectroSafe® Fluid Partner Program. SK Enmove's participation in the program allows GRC's global data center customers access to SK Enmove's proprietary immersion cooling fluids. Moreover, the partnership enables both companies to jointly develop and enhance new fluid formulations and advancements. SK Enmove has developed an engineered thermal fluid that optimizes cooling for immersion-cooled data centers, delivering enhanced cooling efficiency and fire stability for data center operators. The proprietary fluid also increases the performance of server output and system safety while reducing operational costs and environmental impact. In addition, SK Enmove's fluid is engineered to withstand the equipment's lifespan and is recyclable and reusable after decommissioning, which aligns with the company's longstanding commitment to sustainability. The firm is currently one of the leading providers of EV fluid in the market. GRC's ElectroSafe Fluid Partner Program assesses and approves dielectric fluids specifically intended for GRC's immersion cooling systems. This guarantees that the solutions are both environmentally responsible and globally available. They meet expectations regarding material compatibility, performance, safety, and customer requirements for increased data center energy efficiency, cooling capacity, and reliability. Additionally, all fluids accepted in the program aid in achieving GRC customers' ESG objectives while improving data center performance. About GRC® GRC® (Green Revolution Cooling) is a company that provides innovative cooling solutions for data centers, high-performance computing, and artificial intelligence applications. Founded in 2009, the company's technology utilizes a unique liquid immersion cooling method that is environmentally friendly, energy-efficient, and cost-effective. Several products, including the ICEraQ™ and ICEtank® immersion cooling systems, help reduce energy consumption and increase computing performance. The firm has received several industry awards and recognitions, including the TechTarget 2020 Product of the Year, the CRN 2021 Data Center 100, and the Top Tier Product 2021 by the environmental organization, Green Business Certification Inc. (GBCI). GRC continues to expand its reach and partnerships with companies like SK Enmove.

Read More

HYPER-CONVERGED INFRASTRUCTURE,APPLICATION STORAGE

Mercury’s New RES Servers With Intel’s Data Center-class Processors for Aerospace & Defense

Mercury | January 27, 2023

Technology solutions provider, Mercury Systems, Inc., which delivers processing power to critical defense and aerospace missions, launched its next generation of rugged edge servers powered by 4th generation Intel Xeon Scalable processors. The new processors earlier known as Sapphire Rapids, are designed for faster compute-intensive edge workloads and provide quick insights needed for critical defense and aerospace missions. The all-new RES X08 servers are built using the decades of experience Mercury has with its COTS Rugged Edge Server (RES) rackmount family. RES X08 servers support powerhouse NVIDIA H100 GPUs, low-latency PCIe 5.0 fabrics, high-speed DDR5 memory, versatile Compute Express Link (CXL) expansion and 400 Gbps network cards, packed in a highly configurable, ultra-rugged chassis. Using innovative and secure design, Mercury’s servers are designed from the ground up to dissipate and withstand massive thermal loads which are created by larger, more powerful components. With a smaller footprint, Mercury’s servers are capable of delivering higher computational performance for accelerated workloads in industrial and military applications. Brian Perry, General Manager of Mercury’s Sensor Systems business unit, said, “The RES X08 follows in the lineage of field-proven RES X07 and RES X06 servers that meet the demanding requirements of mission-critical workloads at the edge.” He further added, “Tens of thousands of Mercury rugged servers are currently deployed across U.S. and international defense programs, and Mercury is proud to make the latest commercial Silicon Valley technologies profoundly more accessible to aerospace and defense customers.” (Source – GlobeNewswire) About Mercury Systems Mercury Based in Andover, Massachusetts, Mercury systems is a technology solutions provider. The company utilizes its strategic investments in R&D, business partnerships, and M&A; Mercury enables aerospace and defense leaders in agile defence systems, avionics and mission computing, and new technologies to transform their systems from legacy to cutting edge. This opens possibilities for an integrated approach to mission success. The crucial technologies, such as Signal, Software, and Security, required for mission success are included in the "core" of the Mercury Processing Platform. These technologies are made available from silicon to system scale with important differentiators, such as Mission Ready, Trusted and Secure, Software Defined and Open, and Modular.

Read More