Bridgecrew Latest Open Source Contribution: Iac Tool, Yor.

Yor is an open source automated infrastructure-as-code tagging and tracing tool aimed at fixing cloud tagging complications


On May 27, 2021, Palo Alto Networks announced the release of an open source framework that negates the manual strain behind tagging cloud resources.

Tagging simplifies tasks, encourages cost allocation, risk management, and automation.
Tagging simplifies tasks, encourages cost allocation, risk management, and automation.
Key Facts
  1. 1

    Enterprises may leverage Yor to allocate ownership and relevant tags.

  2. 2

    Yor automatically provides developer IaC tags for framework templates with tracing details.

  3. 3

    Yor is basically a stage in CI/CD pipelines.

  4. 4

    Yor encourages automated simplicity in tracing misconfigurations to the developer behind it.


In the face of high scale breakdown in a security operations center, from scanning through a wide field of logs and charts and securing Shell Protocol, tracking the fault to the relevant teams responsible for the code disrupting the system. DevOps have a lot to do and less time to do them. They end up navigating a labyrinth-natured field to find out the developer behind the misconfiguration with alarms endlessly blaring.

Many enterprises have been in this kind of situation, and similar ones. There have been whispers and emphasis in DevSecOps communities on ways to optimize search in configurations and fewer answers to follow them up; these answers are not all-mighty.

Enterprises often employ cloud tagging to allocate cloud resources to responsible owners, not necessarily primarily for breakdown troubleshooting but also in the cases of code improvement and rewriting. Tagging simplifies tasks, encourages cost allocation, risk management, and automation.

Image courtesy: Image courtesy:

However, this forehand solution to that impending problem is not in any way easy. It not only requires hands-on practice and a lot of work but is also limited to resource owners in broad strokes. GitOps teams using infrastructure as code must make changes with IaC tags. Tracing a misconfiguration caused by a cloud resource to a line of code is no small feat. Without proper tags, peering through pull requests and finding the responsible person that wrote the code is bothersome.

Say no more, says cloud security firm Palo Alto Networks, through their mission-oriented addition, Bridgecrew. It is actually the first exhibition by Bridgecrew and Palo Alto since their merging and should be the talk of the security section of the open source communities.

Yor can comfortably fit into developer workflows, Yor can be integrated into a system's continuous integrations and continuous delivery pipelines. It provides allocation and tracing competencies in CloudFormation, Terraform, and Serverless templates by creating IaC tags automatically on activation.

Image courtesy: Image courtesy:

It is a tool SecOps would more than fancy; they would revere automation capable of taking on the work of tracing a misconfiguration back to the developer that orchestrated the code, tracking change management, and of course, intercloud resources tracing. This aids in determining the main cause of a runtime misconfiguration and makes detecting friction between code configuration and running resources more reliable.

Bridgecrew, the crew behind this magnificence, has an outstanding history in Infrastructure as code enhancements

Bridgecrew built Yor, the team behind the popular open source IaC scanner Checkov, downloaded over 2 million times by developers. Palo Alto Networks acquired Bridgecrew in March 2021, and together they continue to invest in new and existing open source projects.

Get similar stories in your inbox weekly, for free

Is this news interesting? Share it with your followers

Latest stories

DevOps: Report on Devil's Practices by DORA

The report is drafted from a report release of the annual research and survey of …

Amazon Elasticsearch Gets a New Version With Name Deprecated

Accompanied by new advancements is Amazon OpenSearch, the same body of code as its predecessor, …

McAfee Partners With IBM Security to Deliver TD Synnex Security Solution

The MVISION platform and Security wing of IBM's partnership endgame are to extend increased protection …

Amazon MSK Connect Launched to Better Apache Kafka UX

Amazon follows up on its 2018 data streaming software, Amazon Managed Streaming for Apache Kafka, …

Cloud: Zone Redundant Storage Released on General Availability

The report is drafted from a press release of the Microsoft Azure team on the …

Security: IBM Traces Two-Thirds of Compromises to Misconfigured APIs

The report is drafted from a sweeping survey of dark web analysis and various X-Force …