“This release is the most significant update to Checkov since it launched in 2019,” said Matt Johnson, Bridgecrew developer advocate lead at Palo Alto Networks. “Dependency awareness means developers have even more context earlier in the development lifecycle, helping companies around the world better secure their cloud infrastructure.”
According to a recent survey produced by Secure Code Warrior, 70% of organizations recognize the importance of secure coding practices, indicating an industry-wide shift from reaction to prevention and an embrace of DevSecOps. Unlike other static code analysis tools that rely on interim ad hoc modeling, Checkov is now built on a graph-based model that provides an entirely new way of modeling configuration risk in cloud native software composition. That context awareness ensures more relevant and reliable scan results, making it easier for developers to prioritize and understand the impact of identified misconfigurations.