Embed build-time to run-time security in your Bitbucket delivery pipeline
Organizations recognize the need to integrate security into their software development process. However, microservice architectures, multi-cloud infrastructure, containers, and Kubernetes all introduce new vectors for vulnerabilities.
Atlassian Bitbucket Cloud is a Git-based code hosting and collaboration tool built for teams. Its various integrations bring the entire software team together and provide a single place to collaborate on code (from concept to Cloud), build quality code through automated testing, and confidently deploy the code when finished.
Security with Lacework
Lacework delivers end-to-end visibility into everything that’s going in a customer’s cloud. Our technology analyzes data from applications, services, users, and networks to detect threats, vulnerabilities, misconfigurations, and sketchy activity.
Lacework’s machine learning discerns what’s normal in the cloud environment and alerts to anomalous behavior, giving the full context to make investigations quick and easy. Best of all, with our behavioral analytics, there is no need to write or maintain the rules used by legacy security tools.
Lacework + Atlassian Bitbucket Cloud
The Lacework Scan pipe allows Bitbucket Cloud customers to integrate Lacework security capabilities deeply into the CI/CD process by allowing you to scan and assess Docker container images and software packages for vulnerabilities.
Lacework’s unique container and Kubernetes workload protection features allow your organization to embed security in your company’s software delivery pipeline from code build to deployment as well as embed security at multiple stages of your software supply chain while providing multiple redundant and overlapping layers of security.
By integrating Lacework into your Bitbucket Cloud, you’ll be able to:
- Detect vulnerabilities in container images and software packages.
- Discover software vulnerabilities during the build process and prevent software from being deployed.
- Enable an additional layer of protection from Lacework’s comprehensive suite of build to runtime software security features.
- Quickly integrate the Lacework Inline Scanner into your Bitbucket Pipelines CI/CD – add the Lacework Scan Pipe in just a few seconds.
- Send your alerts to Jira for triage and resolution
Ready to see us in action?
Spot unknowns sooner and continuously watch for signs of compromise. Take us on a test drive to see for yourself