JFrog introduced Project Pyrsia, an open-source software community initiative that utilizes blockchain technology to secure software packages (A.K.A Binaries) from vulnerabilities and malicious code.
Fugue added support for Google Cloud to its multi-cloud security platform.
With Fugue, cloud engineering and security teams can secure their entire cloud development lifecycle (CDLC)—from infrastructure as code to production—across their Amazon Web Services (AWS), Microsoft Azure, and now Google Cloud environments using the same Cloud Security Posture Management (CSPM) solution.
Fugue automates immediate and continuous security visibility and compliance reporting for cloud development and operations to prevent misconfiguration vulnerabilities and streamline previously time-consuming and resource-intensive tasks. Fugue support for Google Cloud initially includes 59 resource types and audit and reporting capabilities for the CIS Google Cloud Computing Platform Foundations Benchmark, CIS Controls, CSA CCM, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, SOC 2, and custom enterprise policies.
Fugue covers security and compliance at every stage of the CDLC—from Terraform and AWS CloudFormation infrastructure as code checks to continuous runtime protection and compliance auditing and reporting. Fugue provides deeper protection against the kinds of advanced multi-resource misconfigurations that are playing a larger role in modern cloud attacks and are often overlooked by other tools and compliance frameworks.
“More enterprise organizations are using multiple cloud service providers and infrastructure as code tools, and their teams need a way to move faster and more securely, regardless of which clouds they’re using, or how they’re developing and deploying cloud infrastructure,” said Josh Stella, Co-Founder and CEO of Fugue. “With the addition of Google Cloud support, teams can now use Fugue to apply the same compliance rules and custom security policies consistently across their entire cloud footprint and cloud development lifecycle—without slowing down the pace of innovation.”
With Fugue, every team—from developers to ops to security and compliance—shares a single source of trust in what’s allowed in their cloud environment using the Fugue Rules Engine, built with Open Policy Agent, the open standard for policy as code. Because Fugue takes continuous snapshots of cloud configuration state, all teams operate under a single source of truth in what’s running in their environment at all times. Fugue’s interactive cloud infrastructure maps enable teams to zoom in to inspect configuration details and compliance violations and zoom out to see the big picture of their environment, and export diagrams to include with audits.