Bridgecrew: Cloud Security with Barak Schoster

Cloud computing provides tools, storage, servers, and software products through the internet. Securing these resources is a constant process for companies deploying new code to their cloud environments. It’s easy to overlook security flaws because company applications are very complex and many people work together to develop them. Wyze Labs, for example, had millions of users’ data stolen due to a mistake by a single employee.

The company Bridgecrew is a cloud security platform helping to prevent mistakes like that from happening. Bridgecrew integrates into developer workloads to automatically find infrastructure errors in cloud accounts, workloads, and infrastructure as code. Their platform also monitors code reviews and build pipelines to prevent errors from being deployed into production. If an error is found then Bridgecrew’s software reverts that code back to its last known correct state. 

In today’s episode we talk with Barak Schoster, CTO and co-founder at Bridgecrew. Barak previously worked as a senior software architect at RSA Security and as a software architect at Fortscale before that. We discuss cloud security, Infrastructure as Code, and big data architecture.

Sponsorship inquiries: sponsor@softwareengineeringdaily.com

Transcript

Transcript provided by We Edit Podcasts. Software Engineering Daily listeners can go to weeditpodcasts.com to get 15% off the first three months of audio editing and transcription services with code: SED. Thanks to We Edit Podcasts for partnering with SE Daily. Please click here to view this show’s transcript.


Sponsors

Showwcase is a social network built and optimised for developers. Developers can connect, share their knowledge and showcase their projects with like-minded individuals. As the world is increasingly filled with more and more developers, it’s about time we had a network built around developer workflows, tools, and features. If you are a content creator for developers, Showwcase helps you make money by putting your content behind a paywall. To activate your paywall free for 6 months, go to showwcase.com/sedaily

From their recent report on serverless adoption and trends, Datadog found half of their customer base using EC2s have now adopted AWS Lambda. You can easily monitor all your serverless functions in one place and generate serverless metrics straight from Datadog. Check it out yourself by signing up for a free 14-day trial and get a free t-shirt at softwareengineeringdaily.com/datadog

Try out Chaos Engineering for yourself. Gremlin recently unlocked all 11 attack types in the free tier. With over 40 pre-built Scenarios, you can ensure your system is ready for a wide variety of failure modes. Go to gremlin.com/sedailypod

ClickUp is no-code project management software that brings all of your engineering work into one place, and they guarantee to save you one day every week by consolidating your tools. Engineers use ClickUp to collaborate on code, docs, sprints, bug tracking, roadmaps, and chat. So code smarter, not harder with ClickUp. Try ClickUp for Free today at ClickUp.com/sedaily and use code SED to get 30% off Unlimited and 15% off Business plans.

Software Daily

Software Daily

 
Subscribe to Software Daily, a curated newsletter featuring the best and newest from the software engineering community.