Fugue Adopts Open Policy Agent for its Policy-as-Code Framework for Cloud Security
October 08, 2019

Fugue announced support for Open Policy Agent (OPA), an open source general-purpose policy engine and language for cloud infrastructure.

Fugue is leveraging OPA and Rego, OPA's declarative policy language, for cloud infrastructure policy-as-code to provide customers with maximum flexibility when implementing their custom enterprise policies. The Cloud Native Computing Foundation (CNCF) accepted OPA as an incubation-level hosted project in April 2019.

While much of the focus of OPA has been on developing access policies for Kubernetes, Fugue is driving the adoption of OPA to address a wider variety of use cases for securing cloud environments on Amazon Web Services (AWS) and Microsoft Azure, including the application of common compliance frameworks to full cloud infrastructure stacks. The Fugue team has developed tools and enhancements to improve OPA's developer experience. Fugue has provided many of these enhancements to the OPA open source project, and will continue to do so.

Fugue has also added support to its product for customer-defined rules written using OPA and Rego. This sets Fugue apart from cloud infrastructure policy management solutions that rely on proprietary and inflexible rule languages that lock-in customers and are incompatible with other policy languages used elsewhere in the enterprise. Fugue also uses OPA to provide out-of-the-box support for commonly used compliance frameworks including CIS Foundations Benchmarks, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, and SOC 2.  

"Fugue has been developing policy-as-code solutions for some time, and now we're offering an easy-to-use, open source solution for writing policies for cloud infrastructure," said Phillip Merrick, CEO of Fugue.  "Our customers can use the same open language for defining their cloud infrastructure policies in Fugue that they are using for other enterprise policy needs. This eliminates the need to learn other vendors' proprietary, inflexible policy languages."

- Fugue's custom rules capabilities that leverage OPA enable users to:

- Build and manage custom, user-defined cloud infrastructure rules in OPA Rego via the Fugue API, CLI, and web interface

- Validate and test custom rules while they are being written with helpful errors that save time

- Continuously validate and report on compliance for custom rules and out-of-the-box policy frameworks

"Fugue is running millions of security rule evaluations every day using OPA, so we've put a lot of work into improving performance and developer tooling and will be contributing all of that back to the open source community," said Josh Stella, co-founder and CTO of Fugue. "OPA is a significant development for policy-as-code, and Fugue is fully committed to supporting and contributing to it."

Custom rules with Fugue using OPA is available now for all Fugue customers.

Share this

Industry News

December 05, 2019

Parasoft announced the newest release of Parasoft C/C++test, the unified C and C++ development testing solution for enterprise and embedded applications.

December 05, 2019

Datadog announced Security Monitoring, a new product that enables real-time threat detection across the entire stack and deeper collaboration between security, developers, and operations teams.

December 05, 2019

Pulumi announced the availability of Pulumi Crosswalk for Kubernetes, an open source collection of frameworks, tools and user guides that help developers and operators work better together delivering production workloads using Kubernetes.

December 04, 2019

CloudBees announced a Preview Program for CloudBees CI/CD powered by Jenkins X, a Software as a Service (SaaS) continuous integration and continuous delivery solution running on Google Cloud Platform.

December 04, 2019

Rancher Labs announced the general availability of K3s, their lightweight, certified Kubernetes distribution purpose built for small footprint workloads, along with the beta release of Rio, their new application deployment engine for Kubernetes that delivers a fully integrated deployment experience from operations to pipeline.

December 04, 2019

WhiteSource announced a new integration with Codefresh, the Kubernetes-native CI/CD solution.

December 03, 2019

Styra is addressing one of the most significant enterprise blockers of Kubernetes: compliance. With Styra, enterprises can move Kubernetes clusters into production en masse while complying with traditional governance, audit, and compliance rules and regulations.

December 03, 2019

Nureva added 13 agile-themed templates to Span Workspace, Nureva’s expansive cloud-based digital canvas for visual planning and team collaboration.

December 03, 2019

Threat Stack announced support for AWS Fargate in the Threat Stack Cloud Security Platform.

December 02, 2019

Tricentis announced the publication of Enterprise Continuous Testing: Transforming Testing for Agile and DevOps, written by Tricentis Founder Wolfgang Platz and Cynthia Dunlop.

December 02, 2019

JFrog announced the availability of the popular JFrog Platform subscription package Cloud Pro X on AWS Marketplace.

December 02, 2019

MuleSoft will extend its Anypoint Runtime Fabric to run on Google Cloud.

November 26, 2019

NeuVector announced the immediate availability of its “Security Policy as Code” capability for Kubernetes services.

November 26, 2019

Agile Stacks announced the launch of KubeFlex, a new cloud-native software platform enabling zero-touch Kubernetes deployments in data centers and at the edge.

November 26, 2019

Bacula Systems announced significant enhancements to its backup module for Kubernetes clusters.