Fugue Compliance Suite Released
October 22, 2018

Fugue announced the availability of the Fugue Compliance Suite to make it easier for enterprises to validate cloud infrastructure against security and compliance policy to prevent data breaches.

Included in the Fugue 1.8 product release, the Compliance Suite contains pre-built validations expressed in policy-as-code libraries that are mapped to AWS CIS Benchmarks, NIST 800-53 Rev. 4, GDPR, and HIPAA.

“As enterprise cloud adoption increases, so have data breaches and other security and compliance incidents due to cloud misconfiguration exposure,” said Phillip Merrick, CEO of Fugue. “Because of this, cloud security and compliance are now top enterprise priorities, but it’s important that solutions don’t slow the pace of innovation. The Fugue Compliance Suite is designed to help cloud teams move fast and at scale to ensure that compliance policy is continuously enforced at every stage.”

Cloud infrastructure and security teams can use the Fugue Compliance Suite to automatically identify compliance violations. This allows teams to easily establish known-good infrastructure baselines that can be replicated, shared, scaled, and continuously enforced. Automated policy checks can be integrated into CI/CD pipelines to support DevOps speed and agility while preventing resources that violate compliance standards from being provisioned. For running infrastructure, Fugue automatically identifies unauthorized changes and reverts them back to a known-good baseline. This eliminates critical vulnerabilities the moment they occur.

The Fugue Compliance Suite includes pre-built, policy-as-code libraries for the following compliance regimes:

- NIST 800-53 Rev. 4 (National Institute of Standards and Technology). A catalog of security controls developed by NIST that are used to protect federal government information systems.

- AWS CIS Benchmarks (Center for Internet Security). Consensus-based industry best practices to help organizations assess and improve their security.

- HIPAA (Health Insurance Portability and Accountability Act). Law requiring all HIPAA-covered businesses to prevent unauthorized access to Protected Health Information (PHI).

- GDPR (General Data Protection Regulation). Controls to enforce the European Union regulation for protecting the personal data and privacy of individuals within the EU and European Economic Area (EEA).

Share this

Industry News

September 19, 2019

DevOps Institute has entered into a fundraising partnership with the global Teach For All network in conjunction with the 2020 Upskilling: Enterprise DevOps Skills Survey.

September 19, 2019

Idera announced an agreement to acquire the software assets and related entities of WhereScape Software LTD., a provider of data infrastructure automation software.

September 19, 2019

Automox announced the launch of Automox Alive, a community for IT and security practitioners that facilitates the sharing of extensible Automox Worklets, to improve cyber hygiene.

September 18, 2019

Parasoft SOAtest API and UI functional testing solution has won a 2019 API Award in the Best in Microservices Infrastructure category.

September 18, 2019

Micro Focus announced the general availability of Vertica in Eon Mode for Pure Storage.

September 18, 2019

Mindtree announced a new service, InnoApp for Kubernetes, enabling enterprises to deploy containerized cloud applications on Microsoft Azure, accelerating application setup and innovation.

September 17, 2019

Redgate launched SQL Change Automation 4.0, extending its database change management automation tool to the free Microsoft SQL Server Management Studio (SSMS) development environment for the first time.

September 17, 2019

Oracle and VMware announced an expanded partnership to help customers leverage the companies’ enterprise software and cloud solutions to make the move to the cloud.

September 17, 2019

FireMon announced the introduction of FireMon Automation, a comprehensive set of policy automation management solutions designed to chart the course to smart security process automation.

September 16, 2019

Oracle announced the general availability of Java SE 13 (JDK 13).

September 16, 2019

Data Intensity launched its Automation-as-a-Service offering.

September 16, 2019

Mobile Labs launched the final addition to its mobile device cloud suite: GigaFox Red and GigaFox Silver.

September 12, 2019

Rafay Systems announced the general availability of its turnkey, SaaS-based offering designed to confront a complex set of ongoing challenges enterprises and service providers face when modernizing their applications.

September 12, 2019

StackRox announced the availability of the StackRox App for the Sumo Logic Continuous Intelligence Platform.

September 12, 2019

Lacework is receiving $42 million from Sutter Hill Ventures and Liberty Global Ventures.