Episode Summary for Bridgecrew: Cloud Security with Barak Schoster

Introduction to Bridgecrew

As cloud technology grows, keeping vulnerable data secure can become a pressing issue for many companies. The CTO of Bridgecrew, Barak Schoster, explains the vision behind the company, which aims to monitor for infrastructure and security errors and keep them from being deployed into production. Bridgecrew focuses on ‘bridging the gap between code and security’. Teams often neglect security best practices, which can lead to time-consuming and expensive errors later. Barak discusses common sources of misconfiguration, including copying solutions from websites that lack knowledge of best practices. In fact, almost 50% of any open source repository is misconfigured by default, so remaining mindful of the information used is critical. If not addressed early, this issue can be dangerous, as it puts valuable company data at risk.

Development life cycle of Cloud Infrastructure

Barak expresses the importance of reviewing code after each stage before production. The earlier an issue is identified, the easier it is to fix.

  • Stage 1: Identify misconfiguration while writing the actual code – Bridgecrew offers a VSCode extension, Checkov, that guides developers to fix security issues.
  • Stage 2: CI/CD running process – Bridgecrew gives different teams collaboration and visibility so they can resolve issues flagged by an automated bot.
  • Stage 3: Continuous deployment – scan the Terraform plan before applying the change to a running environment.
  • Stage 4: Runtime configuration scanning – provides continuous assurance that the production environment is in a good state.
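
As an added illustration of Stage 3 (not code from the episode, Bridgecrew or Checkov), the sketch below checks the JSON form of a Terraform plan, as produced by `terraform show -json`, before anything is applied. The rule table and the sample plan are constructed for this example.

```python
import json

def open_ssh(after):
    """True if any planned ingress rule exposes port 22 to the whole internet."""
    for rule in after.get("ingress") or []:
        world = "0.0.0.0/0" in (rule.get("cidr_blocks") or [])
        all_ports = str(rule.get("protocol")) == "-1"  # -1 means every protocol and port
        covers_22 = (rule.get("from_port") or 0) <= 22 <= (rule.get("to_port") or 0)
        if world and (all_ports or covers_22):
            return True
    return False

# Hypothetical rule table (not Checkov's): resource type -> (message, predicate).
RULES = {
    "aws_security_group": ("SSH open to 0.0.0.0/0", open_ssh),
    "aws_db_instance": ("database is publicly accessible", lambda a: a.get("publicly_accessible") is True),
    # Fails closed: a missing or not-yet-known value counts as unencrypted.
    "aws_ebs_volume": ("volume is not encrypted", lambda a: a.get("encrypted") is not True),
}

def scan_plan(plan):
    """Return (address, message) for each planned create/update that breaks a rule."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        if not {"create", "update"} & set(change.get("actions", [])):
            continue  # deletes and no-ops add no new exposure
        rule = RULES.get(rc.get("type"))
        if rule and rule[1](change.get("after") or {}):
            findings.append((rc["address"], rule[0]))
    return findings

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "aws_security_group.bastion", "type": "aws_security_group",
  "change": {"actions": ["create"], "after": {"ingress": [
    {"protocol": "tcp", "from_port": 22, "to_port": 22, "cidr_blocks": ["0.0.0.0/0"]}]}}},
 {"address": "aws_db_instance.orders", "type": "aws_db_instance",
  "change": {"actions": ["update"], "after": {"publicly_accessible": false}}},
 {"address": "aws_ebs_volume.logs", "type": "aws_ebs_volume",
  "change": {"actions": ["create"], "after": {"encrypted": false}}},
 {"address": "aws_security_group.old", "type": "aws_security_group",
  "change": {"actions": ["delete"], "after": null}}
]}
""")

if __name__ == "__main__":
    for address, message in scan_plan(SAMPLE_PLAN):
        print(f"{address}: {message}")
```

In a pipeline, a non-empty result from `scan_plan` would fail the job so the apply step never runs.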

Engineering

Bridgecrew leverages services provided by AWS to build their platform.

  • AWS Lambda – core compute infrastructure for short-lived tasks; it supports any scale of scanning without issues.
  • To account for a Lambda timeout, they added SQS queues and partitioning logic.
  • ECS Fargate – core compute infrastructure for long-lived tasks.
  • Chose Fargate over Kubernetes


The post Episode Summary for Bridgecrew: Cloud Security with Barak Schoster appeared first on Software Engineering Daily.
