LaunchDarkly announced the private preview of Warehouse Native Experimentation, its Snowflake Native App, to offer Data Warehouse Native Experimentation.
Fugue Announces Unified Infrastructure as Code and Cloud Runtime Security
September 28, 2021
Fugue, a cloud security SaaS company, today announced Fugue IaC, a unified platform for securing infrastructure as code (IaC) and cloud runtime environments using a single set of policies.
Powered by a Unified Policy Engine, Fugue IaC saves cloud teams significant time and ensures consistent policy enforcement that eliminates the security gaps and wasted effort that come with using separate policies for IaC security and cloud security posture management (CSPM).
“Security represents the rate-limiting factor for how fast cloud engineering teams can go, and in order to change this, they need policy-based automation at every stage of the development lifecycle — from infrastructure as code through the runtime — based on a single source of truth,” said Stella. “The Fugue IaC and its Unified Policy Engine empower teams to ensure cloud security across development and operations using 50% fewer engineering resources while speeding up infrastructure approvals and deployments.”
Fugue delivers developer-friendly tooling to validate IaC templates against industry compliance standards and custom security policies — and builds automated IaC checks into Git workflows and CI/CD pipelines to prevent misconfiguration vulnerabilities in deployments. Cloud security teams can use those same policies to ensure cloud runtime environments stay secure post-deployment, including cloud resources deployed outside of IaC and CI/CD pipelines.
Fugue IaC Security Powered by Open Policy Agent: Fugue provides centralized IaC security management for cloud resource configurations, container orchestration, and containers. Teams can use Fugue to establish IaC security visibility across their organization. Fugue’s Unified Policy Engine leverages Open Policy Agent, the open standard for policy as code, and Regula, Fugue’s open source implementation of OPA for IaC and cloud security. OPA is a Cloud Native Computing Foundation (CNCF) graduated project.
Fugue IaC supports pre-deployment security checks for Terraform (HCL and plan files), AWS CloudFormation (YAML, JSON, AWS CDK, or composed by hand), Kubernetes manifests, and Dockerfiles. Fugue provides developer-friendly tooling for creating and testing custom policies using Rego, the language of OPA, and supports multi-resource checks to catch advanced cloud vulnerabilities. Developers can use Fugue to generate interactive visual maps of their IaC templates and export IaC diagrams to use for planning and approval processes.
Hundreds of Pre-Built Policies Mapped to Compliance Standards: Fugue provides hundreds of out-of-the-box rules for IaC and cloud runtime security that are mapped to SOC 2, NIST 800-53, GDPR, PCI, HIPAA, ISO 27001, CSA CCM, CIS Controls, CIS Docker, CIS Benchmarks for AWS, Microsoft Azure, Google Cloud, Docker, and Kubernetes. The Fugue Best Practices Framework provides additional protection by catching vulnerabilities that compliance standards can miss.
Industry News
February 13, 2025
SingleStore announced the launch of SingleStore Flow, a no-code solution designed to greatly simplify data migration and Change Data Capture (CDC).
February 13, 2025
ActiveState launched its Vulnerability Management as a Service (VMaas) offering to help organizations manage open source and accelerate secure software delivery.
February 12, 2025
Genkit for Node.js is now at version 1.0 and ready for production use.
February 12, 2025
JFrog signed a strategic collaboration agreement (SCA) with Amazon Web Services (AWS).
February 12, 2025
mabl launched of two new innovations, mabl Tools for Playwright and mabl GenAI Test Creation, expanding testing capabilities beyond the bounds of traditional QA teams.
February 11, 2025
Check Point® Software Technologies Ltd. announced a strategic partnership with leading cloud security provider Wiz to address the growing challenges enterprises face securing hybrid cloud environments.
February 11, 2025
Jitterbit announced its latest AI-infused capabilities within the Harmony platform, advancing AI from low-code development to natural language processing (NLP).
February 11, 2025
Rancher Government Solutions (RGS) and Sequoia Holdings announced a strategic partnership to enhance software supply chain security, classified workload deployments, and Kubernetes management for the Department of Defense (DOD), Intelligence Community (IC), and federal civilian agencies.
February 10, 2025
Harness and Traceable have entered into a definitive merger agreement, creating an advanced AI-native DevSecOps platform.
February 10, 2025
Endor Labs announced a partnership with GitHub that makes it easier than ever for application security teams and developers to accurately identify and remediate the most serious security vulnerabilities—all without leaving GitHub.
February 07, 2025
Are you using OpenTelemetry? Are you planning to use it? Click here to take the OpenTelemetry survey.
February 06, 2025
GitHub announced a wave of new features and enhancements to GitHub Copilot to streamline coding tasks based on an organization’s specific ways of working.
February 06, 2025
Mirantis launched k0rdent, an open-source Distributed Container Management Environment (DCME) that provides a single control point for cloud native applications – on-premises, on public clouds, at the edge – on any infrastructure, anywhere.
February 06, 2025
Hitachi Vantara announced a new co-engineered solution with Cisco designed for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes.
