Secure your pipeline by securing your config files

Automated tools for identifying, scanning and securing the configuration files of IaC, container, OS and application and their dependencies.

Thank you! We will respond within 1 business day.

Something went wrong while submitting the form. Please try again.

[data-wf-bgvideo-fallback-img] { display: none; } @media (prefers-reduced-motion: reduce) { [data-wf-bgvideo-fallback-img] { position: absolute; z-index: -100; display: inline-block; height: 100%; width: 100%; object-fit: cover; } }

[data-wf-bgvideo-fallback-img] { display: none; } @media (prefers-reduced-motion: reduce) { [data-wf-bgvideo-fallback-img] { position: absolute; z-index: -100; display: inline-block; height: 100%; width: 100%; object-fit: cover; } }

-Templates are a starting point-

Identify misconfigurations in default templates

View DockerHub Report

Software misconfigurations are a common threat vector for organizations of all sizes.

Software configurations are increasingly complex. It's simple to set-up and integrate new services. The speed and scale provided by spinning new services and containers often means the configuration is overlooked.

CoGuard seeks out configurations and looks across interdependencies, to detect breach paths pre-deployment.

A checkmark in a sheild

Identify common misconfigurations across IaC, orchestration, container, OS and applications

A checkmark in a sheild

Description of configuration parameters and security vulnerabilities found

A checkmark in a sheild

Remediation steps for fixes

A checkmark in a sheild

Seamless policy as code for config files & dependencies

Identify misconfigurations pre-Deployment

Image of a gear and lock

Extend CI/CD Security

Discovers configuration files for IaC, containers, applications, and their dependencies.
‍

Cyber Security

Scans configuration files against known database of known vulnerabilities for misconfigurations including CIS benchmarks, OWASP...

SBOM and Auditing

SBOM and Auditing

Framework for collecting and monitoring application configuration files including software bill of materials (SBOM) and auditing.

Custom Security Checks

Custom Checks

Implement custom rules, policies and reporting for your development, IT infrastructure and security departments requirements.

Best practice for teams

Fits in your existing CI/CD pipeline. Extensible and adaptable rules. Grows with teams as size and software complexity increases.

Trusted by DevOps, Infrastructure and Security teams

- CoGuard supports -

Configuration security for all layers

CoGuard scans all layers of your IT infrastructure including: IaC, OS, container, and application layers and their dependencies.

IaC Tools

Chef Server
AWS CloudFormation
Azure Resource Manager
TerraForm

Containers

Docker
Kubernetes

Databases

MongoDB
PostgreSQL
MySQL
Microsoft SQL

Streaming services

Apache Kafka
Apache Solr

Text search engines

ElasticSearch

Distributed file systems

Apache Hadoop
MinIO

Web servers

NGINX
Apache Webserver
Microsoft IIS
Apache Tomcat

Authentication Services

Kerberos
Keycloak

GitHub

GitLab

TerraForm

Progress Chef

Puppet

Docker

CoGuard CLI

Azure Pipelines

GitHub Actions

Jenkins

Bitbucket Pipelines

GitHub

GitLab

TerraForm

Progress Chef

Puppet

Docker

CoGuard CLI

Azure Pipelines

GitHub Actions

Jenkins

Bitbucket Pipelines

TerraForm

Puppet

Progress Chef

Jenkins

GitLab

GitHub Actions

GitHub

Docker

CoGuard CLI

Bitbucket Pipelines

Azure Pipelines

TerraForm

Puppet

Progress Chef

Jenkins

GitLab

GitHub Actions

GitHub

Docker

CoGuard CLI

Bitbucket Pipelines

Azure Pipelines

CoGuard CLI output

Add to existing workflows

Embeds configuration files into secure development practices.

A checkmark in a sheild

Identify configuration files and misconfigurations

A checkmark in a sheild

Vulnerability remediation for configurations at IaC, Container and application layers

A checkmark in a sheild

Seamless policy as code for config files & dependencies

Developer-Centric Tools

CoGuard Cluster Management screenshot

CoGuard Configuration Drift screenshot

Dashboard

Security Policy
as Code

Reduce risk by identifying and automating IaC, container and application security in development workflows pre-deployment and detecting drifted and missing resources post-deployment.

A checkmark in a sheild

Adaptable policy engine to improve compliance at the source

A checkmark in a sheild

Identify resources in your software environment

A checkmark in a sheild

Build your SBOM through detected configurations and dependencies

A checkmark in a sheild

Drift detection by identifying changing resources and configurations

Your security configuration management
action plan

Human error caused data breach and downtime is on the rise. We believe pre-deployment static analysis is the solution! You've done it for your code, it's time to dive into your configurations and to make them stable too.

A checkmark in a sheild

Reduce post deployment downtime

A checkmark in a sheild

Reduce data breach risk due to human error

A checkmark in a sheild

Reduce setup time of new services and updates

A checkmark in a sheild

Establish configuration baselines and detect configuration drift

A checkmark in a sheild

Assess and identify configuration vulnerabilities across applications, containers and cloud providers

Pricing

Flexible pricing for developers, projects, teams and enterprises.

Community

2 users

Always

Free

Enterprise

unlimited users

To get started,

Contact Us

Compare pricing plans and features

Arrow pointing right

Blog

Stay up to date on DevOps, Security & Infrastructure

View all resources

Security hardening a new React project

You can use this article as a guideline for your own projects, and it is not restricted to React/NodeJS specifically. We have shown how to initialize a project, and the components that need to be present. With this article, you get a sense on what it takes to fix the initial items that are flagged. Maintaining a clean report for each tool as you build the project will set you up for scale, and give you confidence that your changes will not break things that easily.

Setting up a project with a security-hardened CI/CD pipeline

This article demonstrates how to start building a react application, get it committed to GitHub and set up linting and code scanning. Then we set up and use GitHub Actions, Docker, Docker Compose, GitHub Secrets and CoGuard to build and secure the initial CI/CD pipeline.

Product Updates

Announcement: Support for OpenTelemetry Collector

CoGuard CLI adds configuration file security scanning support for OpenTelemetry users. CoGuard provides OpenTelemetry users an automated pre-deployment security scanning tool that identifies and scans Collector configuration files and their dependencies for known misconfigurations and vulnerabilities.

Static analysis
for config files

Automated tools for discovering, scanning and securing the configuration files for IaC, containers, applications and their interdependencies.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.