The Open Source Security Foundation (OpenSSF) announced an expansion of its free course “Developing Secure Software” (LFD121).
Fugue announced new capabilities for deriving the most value out of the cloud.
The latest release is purpose-built to help organizations go faster in the cloud and reduce risks and vulnerabilities associated with reliance on reactive legacy cloud operations practices. By contrast, Fugue is architected on a proactive approach, with compliance continuously assured throughout the entire infrastructure lifecycle.
The new infrastructure governance solution was developed in concert with both federal and commercial customers for both compliance frameworks such as NIST-853 and corporate internal policies. Fugue launched infrastructure governance and compliance automation support for AWS GovCloud earlier this year.
Fugue’s new governance capabilities allow organizations to build compliance at the very beginning stage — the “declare” stage — of the cloud infrastructure lifecycle and then assure compliance at the subsequent “deploy” and “operate” stages. Specifically, Fugue delivers the following benefits:
- Declare: Brings DevOps and SecOps together to make compliance a priority in software delivery pipelines
- Deploy: Ensures cloud resources are always provisioned according to internal and external policies and standards
- Operate: Automatically detects and repairs any changes or configuration drift
The new release enables teams to collaboratively and proactively build cloud governance and security into code releases from the very beginning of the development cycle, reducing the time to market/mission by automating infrastructure security and compliance.
In addition, Fugue’s offering ensures that infrastructure resources are always provisioned according to policies and standards. With Fugue, no out-of-compliance infrastructure can be created, and risk is further mitigated by helping IT to avoid common cloud infrastructure governance pitfalls, such as dealing with “bolt-on” security monitoring tools and cumbersome manual incident review, audit and remediation processes.
When policies are updated, Fugue automatically identifies any impacts to running infrastructure and brings them into compliance to ensure consistency across the enterprise. Once provisioned, Fugue detects any unauthorized changes or policy violations and repairs them immediately and automatically to avoid “configuration drift” and facilitates ongoing compliance in highly secure, mission-critical computing environments such as government.
“We love that the federal government is embracing cloud automation, alongside commercial enterprise. Too often, the government lags industry in technology, but in this case, they are partners in innovation. History tells us that these alignments of public and private really drive strategic innovation, from the space program to the Internet,” commented Josh Stella, Fugue Co-founder and CEO. “Our latest release shows that Fugue’s holistic, proactive approach to cloud compliance, security and cost control is all about reducing complexity and operating costs, while helping organizations, including the federal government, deliver value, faster.”
Industry News
Redgate announced that its core solutions are listed in Amazon Web Services (AWS) Marketplace.
LambdaTest introduced a suite of new features to its AI-powered Test Manager, designed to simplify and enhance the test management experience for software development and QA teams.
StackHawk launched Oversight to provide security teams with a birds-eye view of their API security program.
DataStax announced the enhancement of its GitHub Copilot extension with its AI Platform-as-a-Service (AI PaaS) solution.
Opsera partnered with Databricks to empower software and DevOps engineers to deliver software faster, safer and smarter through AI/ML model deployments and schema rollback capabilities.
GitHub announced the next evolution of its Copilot-powered developer platform.
Crowdbotics released an extension for GitHub Copilot, available now through the GitHub and Azure Marketplaces.
Copado has integrated Copado AI into its Community to streamline support and accelerate issues resolution.
Mend.io and HeroDevs have forged a new partnership allowing Mend.io to offer HeroDevs support for deprecated packages.
Synechron has acquired Cloobees, a Salesforce implementation partner.
Check Point® Software Technologies Ltd. has been named as one of the World’s Best Employers by Forbes for the fifth year in a row.
Opsera announced its AI Code Assistant Insights.
Gearset released its latest innovation for Salesforce DevOps: Dev Sandbox Syncing.
Treblle announced the release of Treblle 3.0, its AI-enhanced API intelligence platform.