JFrog announced that its DevOps Platform tools – JFrog Artifactory and JFrog Xray – are available with native deployment templates for customers using AWS GovCloud (US) and Azure Government clouds.
Fugue announced new capabilities for bringing public cloud container resources into compliance and ensuring the continuous security of container runtime configurations.
The new capabilities deliver security and compliance visibility and reporting for managed container services offered by Amazon Web Services and Microsoft Azure and turnkey support for the CIS Docker Benchmark.
The new Fugue features provide continuous configuration visibility, security checks, and compliance reporting for AWS Elastic Container Service (ECS) with Fargate, AWS Elastic Kubernetes Service (EKS), Azure Container Instances, and Azure Container Registry. Developers can run policy checks on their infrastructure-as-code to ensure their managed container resources are configured securely according to the CIS Docker Benchmark and their custom rules, and use those same rules to ensure continuous container runtime security in production.
“Our customers are increasingly taking advantage of the managed container services offered by cloud providers such as AWS and Microsoft Azure, and they need an efficient and effective way to ensure those resources are configured securely and stay that way,” said Josh Stella, co-founder and CEO of Fugue.
Fugue recently introduced next-generation Cloud Security Posture Management (CSPM) capabilities that leverage its cloud state machine and OPA-based policy-as-code engine to provide customers with continuous visibility into the full configuration state and security posture of their entire environment. With Fugue’s data warehouse, teams can analyze their data using Fugue’s native tools or their third party business intelligence (BI) and security information and event management (SIEM) tools.
Fugue radically streamlines cloud compliance with full historical audit evidence and out-of-the-box support for industry standards, including CIS Foundations Benchmarks, CIS Docker Benchmark, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, and SOC 2. Fugue supports custom enterprise policies using OPA and provides the Fugue Best Practices framework to protect against advanced misconfiguration exploits that compliance frameworks can miss, including complex Identity and Access Management (IAM) vulnerabilities.