OpenText launched the latest version of ValueEdge -- an innovative modular, cloud-based DevOps and value stream management (VSM) platform.
Fugue Announces Unified Infrastructure as Code and Cloud Runtime Security
September 28, 2021
Fugue, a cloud security SaaS company, today announced Fugue IaC, a unified platform for securing infrastructure as code (IaC) and cloud runtime environments using a single set of policies.
Powered by a Unified Policy Engine, Fugue IaC saves cloud teams significant time and ensures consistent policy enforcement that eliminates the security gaps and wasted effort that come with using separate policies for IaC security and cloud security posture management (CSPM).
“Security represents the rate-limiting factor for how fast cloud engineering teams can go, and in order to change this, they need policy-based automation at every stage of the development lifecycle — from infrastructure as code through the runtime — based on a single source of truth,” said Stella. “The Fugue IaC and its Unified Policy Engine empower teams to ensure cloud security across development and operations using 50% fewer engineering resources while speeding up infrastructure approvals and deployments.”
Fugue delivers developer-friendly tooling to validate IaC templates against industry compliance standards and custom security policies — and builds automated IaC checks into Git workflows and CI/CD pipelines to prevent misconfiguration vulnerabilities in deployments. Cloud security teams can use those same policies to ensure cloud runtime environments stay secure post-deployment, including cloud resources deployed outside of IaC and CI/CD pipelines.
Fugue IaC Security Powered by Open Policy Agent: Fugue provides centralized IaC security management for cloud resource configurations, container orchestration, and containers. Teams can use Fugue to establish IaC security visibility across their organization. Fugue’s Unified Policy Engine leverages Open Policy Agent, the open standard for policy as code, and Regula, Fugue’s open source implementation of OPA for IaC and cloud security. OPA is a Cloud Native Computing Foundation (CNCF) graduated project.
Fugue IaC supports pre-deployment security checks for Terraform (HCL and plan files), AWS CloudFormation (YAML, JSON, AWS CDK, or composed by hand), Kubernetes manifests, and Dockerfiles. Fugue provides developer-friendly tooling for creating and testing custom policies using Rego, the language of OPA, and supports multi-resource checks to catch advanced cloud vulnerabilities. Developers can use Fugue to generate interactive visual maps of their IaC templates and export IaC diagrams to use for planning and approval processes.
Hundreds of Pre-Built Policies Mapped to Compliance Standards: Fugue provides hundreds of out-of-the-box rules for IaC and cloud runtime security that are mapped to SOC 2, NIST 800-53, GDPR, PCI, HIPAA, ISO 27001, CSA CCM, CIS Controls, CIS Docker, CIS Benchmarks for AWS, Microsoft Azure, Google Cloud, Docker, and Kubernetes. The Fugue Best Practices Framework provides additional protection by catching vulnerabilities that compliance standards can miss.
Industry News
March 21, 2023
Oracle announced the availability of Java 20, the latest version of the programming language and development platform.
March 21, 2023
Rafay Systems introduced Environment Manager, a solution that empowers enterprise platform teams to improve the developer experience by delivering self-service capabilities for provisioning full-stack environments.
March 20, 2023
To meet the growing demand for Oracle Container Engine for Kubernetes (OKE) with global organizations, Oracle Cloud Infrastructure (OCI) is introducing new capabilities that can boost the reliability and efficiency of large-scale Kubernetes environments while simplifying operations and reducing costs.
March 20, 2023
Perforce Software joined the Amazon Web Services (AWS) Independent Software Vendor (ISV) Accelerate Program and listed its free Enhanced Studio Pack (ESP) in AWS Marketplace.
March 20, 2023
Aembit, an identity platform that lets DevOps and Security teams discover, manage, enforce, and audit access between federated workloads, announced its official launch alongside $16.6M in seed financing from cybersecurity specialist investors Ballistic Ventures and Ten Eleven Ventures.
March 16, 2023
Hyland released Alfresco Content Services 7.0 – a cloud-native content services platform, optimized for content model flexibility and performance at scale.
March 16, 2023
CAST AI has announced the closing of a $20M investment round.
March 15, 2023
Check Point® Software Technologies introduced Infinity Global Services, an all-encompassing security solution that will empower organizations of all sizes to fortify their systems, from cloud to network to endpoint.
March 15, 2023
OpsCruise's Kubernetes and Cloud Service observability platform is certified to run on the Red Hat OpenShift Kubernetes platform.
March 14, 2023
DataOps.live released an update to the DataOps.live platform, delivering productivity for data teams.
March 14, 2023
CoreStack and Zensar announced a strategic global partnership. CoreStack will provide its AI-powered NextGen cloud governance and FinOps capabilities, complementing Zensar’s composable cloud operations offering.
March 14, 2023
Delinea introduced the Delinea Platform, a cloud-native foundation for Delinea's PAM solutions that empowers end-to-end visibility, dynamic privilege controls, and adaptive security.
March 13, 2023
Sysdig announced a new foundation that will serve as the long-term custodian of the Wireshark open source project.
March 13, 2023
Talend announced the latest update to Talend Data Fabric, its end-to-end platform for data discovery, transformation, governance, and sharing.
