We’ve covered scanning for misconfigurations during the development cycle and prior to committing to our repository. We can alert or block at each stage to provide that feedback early and make updates before the issues make it into production.

In this module, we’ll show how to visualize our posture and automate remediations. We teased this module in the VS Code section, where we performed our first fix, but in this section, we’ll fix the issues that make it into our repository and in production.

Module Learning Objectives

  • Investigate security violations in Bridgecrew
  • Automate pull requests in GitHub
  • Scan runtime resources for vulnerable infrastructure
  • Detect and mitigate drift