DEVOPSdigest

Fugue announced the availability of its SaaS product in AWS Marketplace, further simplifying the process for Amazon Web Services customers to use Fugue to bring their environments into compliance quickly, demonstrate compliance at any time, and Shift Left on cloud security.

By making Fugue available in AWS Marketplace, the company continues its mission to empower engineers to build and operate in the cloud securely with tools that are innovative and easy to adopt and use.

Fugue recently announced its next-generation cloud security and compliance (CSPM) capabilities that provide continuous cloud compliance by capturing the full configuration state of infrastructure environments over time and validating infrastructure using Fugue’s policy engine based on Open Policy Agent (OPA), the open source standard for policy-as-code. Fugue provides turnkey support and reporting for CIS AWS Foundations Benchmarks, CIS Controls/SANS Top 20, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, SOC 2, and custom enterprise policies.

“Software engineers are responsible for keeping their AWS environments secure and proving cloud compliance at all times, and Fugue is dedicated to helping them with developer-friendly tools that don’t slow them down,” said Phillip Merrick, CEO of Fugue. “With AWS Marketplace, it’s even easier for teams to get up and running with Fugue to quickly understand their AWS security posture, establish continuous compliance and reporting, and build cloud security into development and CI/CD pipelines.”

Fugue’s next-generation CSPM capabilities empower teams to continuously demonstrate compliance using:

- The data warehouse and advanced reporting tools that make it easy to demonstrate cloud compliance and analyze their AWS configuration state with their third party BI and SIEM tools.

- Policy-as-code analysis using OPA that automatically assesses the security posture of cloud infrastructure environments and delivers a detailed and prioritized path to bring them into compliance.

- Interactive, exportable visual maps that create a shared understanding across teams of the resources running in a cloud environment, including all configurations, resource relationships, and security vulnerabilities.

Fugue identifies cloud misconfiguration and compliance violations and helps teams address it with:

- Cloud configuration baselining and drift detection to understand every change made to a cloud environment and whether those changes violate policy or introduce misconfiguration vulnerabilities.

- Configuration drift reporting that includes detailed remediation feedback and API-based integrations so teams can get the notifications they need, when they need them.

- Baseline enforcement that makes security-critical configurations self-healing by automatically remediating unauthorized change — without the need for automation scripts or the risk of unintended destructive events.

Fugue empowers engineers to find and fix cloud security and compliance issues early in the software development lifecycle with:

- An API to integrate cloud security in CI/CD pipelines that automatically run policy checks on cloud infrastructure configurations prior to deploying to production.

- On-demand policy checks for dev environments to identify security issues and get the feedback needed to remediate them and move forward.

- Infrastructure-as-code validation with Regula, Fugue’s open source tool that applies the same OPA policy-as-code rules used to assess running cloud environments.

It takes 15 minutes to get up and running with Fugue.