Progress is offering over 50 enterprise-grade UI components from Progress® KendoReact™, a React UI library for business application development, for free.
Fugue Announces IaC Security for AWS CloudFormation in Regula
May 13, 2021
Fugue announced support for AWS CloudFormation in Regula, the open-source infrastructure as code (IaC) policy engine.
Cloud engineering and security teams can now use Regula to secure their AWS CloudFormation and Terraform configurations prior to deployment—and apply those same rules to running cloud environments using the Fugue platform to secure the entire cloud development lifecycle.
Regula is ideal for organizations with DevOps teams that use both AWS CloudFormation and Terraform—and those operating multi-cloud environments. Regula is an AWS CloudFormation security tool that can address vulnerabilities involving multiple resources, and helps teams meet the CIS AWS Foundations Benchmarks 1.2.0 and 1.3.0. Regula easily integrates into CI/CD pipelines and enables pre-commit IaC checks and provides pull request feedback. Fugue provides examples of Regula working with GitHub Actions for CI/CD.
While Regula works independently of Fugue, teams can use Fugue to apply the same Regula rules to assess the security posture of their running AWS, Azure, and Google Cloud cloud infrastructure environments, eliminating the investment and cloud risk associated with using and reconciling different policy frameworks for different stages of the cloud development lifecycle and for different cloud platforms.
“Companies operating at scale in the cloud need a policy as code framework that’s flexible, works with the leading infrastructure as code tools, and can be used across cloud platforms at every stage of the cloud development lifecycle,” said Josh Stella, Co-Founder and CEO of Fugue. “By extending Regula support to AWS CloudFormation, cloud engineering and security teams now have a unified cloud policy framework that works with their tools and workflows, giving them the confidence to move faster in the cloud—without breaking the rules needed to keep cloud infrastructure secure and in compliance.”
Regula’s rule library checks for a wide variety of cloud misconfiguration vulnerabilities, such as dangerously permissive AWS IAM policies and security group rules, S3 buckets without “block public access” options enabled, Lambda function policies allowing global access, VPCs with flow logs disabled, EBS volumes with encryption disabled, and untagged cloud resources.
Regula supports user-defined rules using the Rego query language developed by the Open Policy Agent project—and includes helper libraries that enable users to easily build their own rules that conform to enterprise policies. Fugue created and open-sourced Fregot, a tool that enables developers to easily evaluate Rego expressions, debug code, and test policies.
Industry News
March 13, 2025
Opsera announced a new Leadership Dashboard capability within Opsera Unified Insights.
March 13, 2025
Cycloid announced the introduction of Components, a new management layer enabling a modular, structured approach to managing cloud resources within the Cycloid engineering platform.
March 12, 2025
ServiceNow unveiled the Yokohama platform release, including ServiceNow Studio which provides a unified workspace for rapid application development and governance.
March 12, 2025
Sonar announced the upcoming availability of SonarQube Advanced Security.
March 12, 2025
ScaleOut Software introduces generative AI and machine-learning (ML) powered enhancements to its ScaleOut Digital Twins™ cloud service and on-premises hosting platform with the release of Version 4.
March 11, 2025
Kurrent unveiled a developer-centric evolution of Kurrent Cloud that transforms how developers and dev teams build, deploy and scale event-native applications and services.
March 11, 2025
ArmorCode announced the launch of two new apps in the ServiceNow Store.
March 10, 2025
Parasoft(link is external) is accelerating the release of its C/C++test 2025.1 solution, following the just-published MISRA C:2025 coding standard.
March 10, 2025
GitHub is making GitHub Advanced Security (GHAS) more accessible for developers and teams of all sizes.
March 10, 2025
ArmorCode announced the enhanced ArmorCode Partner Program, highlighting its goal to achieve a 100 percent channel-first sales model.
March 06, 2025
Parasoft(link is external) is showcasing its latest product innovations at embedded world Exhibition, booth 4-318(link is external), including new GenAI integration with Microsoft Visual Studio Code (VS Code) to optimize test automation of safety-critical applications while reducing development time, cost, and risk.
March 06, 2025
JFrog announced general availability of its integration with NVIDIA NIM microservices, part of the NVIDIA AI Enterprise software platform.
March 06, 2025
CloudCasa by Catalogic announce an integration with SUSE® Rancher Prime via a new Rancher Prime Extension.
March 05, 2025
MacStadium(link is external) announced the extended availability of Orka(link is external) Cluster 3.2, establishing the market’s first enterprise-grade macOS virtualization solution available across multiple deployment options.
