JFrog introduced Project Pyrsia, an open-source software community initiative that utilizes blockchain technology to secure software packages (A.K.A Binaries) from vulnerabilities and malicious code.
Fugue announced a Team plan to help cloud engineering teams collaborate and innovate faster and more securely.
Fugue Team provides tools to visualize cloud infrastructure environments, detect and eliminate cloud misconfiguration, and run policy checks for a number of out-of-the-box compliance families.
Fugue Team joins Fugue Enterprise, which provides enterprise organizations with advanced security and visibility across their entire cloud footprint, and Fugue Developer, a free plan for individual engineers to manage the security of their own cloud infrastructure environments.
Fugue Team provides role based access control for building, accessing, and modifying cloud infrastructure environments, and the Fugue API for integrating cloud security into automated CI/CD pipelines to prevent cloud misconfiguration and policy violations. Fugue Team supports custom rules using Open Policy Agent, Fugue Best Practices to protect against advanced cloud misconfiguration exploits, and compliance families such as CIS Foundations Benchmark for AWS and Azure, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI-DSS, and SOC 2.
“Fugue Team addresses the needs of cloud engineering teams that need to innovate quickly and collaborate on cloud infrastructure security, but don’t have the scaling needs across multiple teams and environments that Fugue Enterprise delivers,” said Phillip Merrick, CEO of Fugue. “Engineers own the security of their cloud infrastructure, and we’re excited to empower engineering teams with the advanced cloud visibility and security capabilities that Fugue brings in an offering that’s easy to adopt and use for their specific use cases.”
Fugue supports the open source Open Policy Agent toolset and framework for cloud infrastructure policy as code. Earlier this month, Fugue open sourced Regula, a tool for checking Terraform infrastructure as code for policy compliance. With Fugue and Regula, cloud engineers have an end-to-end cloud infrastructure security and compliance solution that supports every phase of the software development life cycle.