Fugue Introduces Next-Generation CSPM
October 14, 2020

Fugue announced next-generation cloud security posture management (CSPM) capabilities to help customers bring their cloud infrastructure into compliance and demonstrate that cloud environments adhere to enterprise security policies.

The new features leverage Fugue’s cloud state machine, which captures every resource configuration over time in a cloud environment, and Fugue’s policy engine based on Open Policy Agent (OPA), the open source standard for policy-as-code.

Fugue’s cloud state machine and OPA-based policy engine provide customers with continuous visibility into the full configuration state and security posture of their entire cloud footprint. With Fugue’s new data warehouse, teams can leverage this data to use with their third party business intelligence (BI) and security information and event management (SIEM) tools to gain better insights into their cloud environments. New integrations with Google Cloud’s Looker Business Intelligence Platform access data from the data warehouse to deliver advanced out-of-the-box reporting and data analytics capabilities that help teams understand their cloud security posture in full context while radically streamlining compliance audits.

“Today’s dynamic and complex enterprise cloud environments — and the modern attacks that put them at risk — have far outpaced the ability of repurposed datacenter tools to keep data secure,” said Phillip Merrick, CEO of Fugue. “Cloud is 100% software-defined, making cloud security a software engineering problem, not a traditional security analysis one. Fugue’s next-generation CSPM takes a software engineering approach to cloud security so our customers can get their cloud configurations into compliance quickly and ensure they stay that way — without ever slowing them down.”

Fugue’s next-generation CSPM capabilities empower teams to continuously demonstrate compliance using:

- The data warehouse that provides access to the complete configuration and compliance history of their cloud infrastructure environments for use with third party BI and SIEM tools.

- Advanced reporting with Google Looker that makes it easy to demonstrate cloud compliance to management and auditors — including historical audits.

- Configuration state modeling of every resource, relationship, and configuration attribute to understand cloud security in full context and over time.

- Policy-as-code analysis using OPA that automatically assesses the security posture of cloud infrastructure environments and delivers a detailed and prioritized path to bring them into compliance.

- Interactive, exportable visual maps that create a shared understanding across teams of what’s running in a cloud environment, including all resource relationships and security vulnerabilities.

Fugue identifies cloud misconfiguration and compliance violations and helps teams eliminate it with:

- Cloud configuration baselining and drift detection to understand every change made to a cloud environment and whether those changes violate policy or introduce misconfiguration vulnerabilities.

- Configuration drift reporting that includes detailed remediation feedback and API-based integrations so teams can get the notifications they need, when they need them.

- Baseline enforcement that makes security-critical configurations self-healing by automatically remediating unauthorized change — without the need for automation scripts or the risk of unintended destructive events.

Fugue empowers engineers to find and fix cloud security and compliance issues early in the software development lifecycle with:

- On-demand policy checks for dev environments to identify security issues and get the feedback needed to remediate them and move forward.

- An API to integrate cloud security in CI/CD pipelines that automatically run policy checks on cloud infrastructure configurations prior to deploying to production.

- Infrastructure-as-code validation with Regula, Fugue’s open source tool that applies the same OPA policy-as-code rules used to assess running cloud environments.

Fugue provides turnkey support for industry compliance standards including CIS Foundations Benchmarks, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, and SOC 2. Fugue supports custom enterprise policies using OPA and provides the Fugue Best Practices framework to protect against advanced misconfiguration exploits that compliance standards miss.

Fugue offers Enterprise and Team plans under a 30-day free trial, and the free Fugue Developer plan for individual engineers. It takes 15 minutes to get up and running with Fugue.

Share this

Industry News

April 14, 2021

SmartBear has integrated TestComplete, its UI test automation tool, with BitBar, its native mobile device cloud.

April 14, 2021

Elastic announced an expanded strategic partnership with Confluent to deliver the best integrated product experience to the Apache Kafka and Elasticsearch community.

April 14, 2021

Threat Stack announced its ability to support AWS Graviton2-based instances through the Threat Stack Cloud Security Platform.

April 13, 2021

Broadcom and Google Cloud announced a strategic collaboration to accelerate innovation and strengthen cloud services integration within the core software franchises of Broadcom.

April 13, 2021

Nylas announced the launch of Components, JavaScript UI/UX solutions that allow developers to bring productivity features to market faster without needing to design front-end elements from scratch.

April 13, 2021

Perforce Software announces its new version control desktop client — Helix Sync — enabling non-coders such as artists and designers to version digital assets, with a simple drag-and-drop UI.

April 12, 2021

ShiftLeft introduced ShiftLeft CORE, a unified code security platform.

April 12, 2021

GrammaTech announced a new version of its CodeSonar SAST (static application security testing) product that helps developers build safer and more secure code without disrupting workflows.

April 12, 2021

Panaya announced a strategic partnership with Being Guided, a Salesforce Consulting Partner, specializing in the CRM and Salesforce ecosystem, to bring Panaya's ForeSight solution to a wider audience.

April 08, 2021

Palo Alto Networks announced the second generation of Checkov, the static analysis tool for infrastructure as code (IaC).

April 08, 2021

Postman now allows any team with up to three members to collaborate in Postman with unlimited shared workspaces and unlimited shared requests at no cost.

April 08, 2021

Taos, an IBM company, has announced 24x5 managed service availability.

April 07, 2021

VMware unveiled expanded cloud workload protection capabilities to deliver security for containers and Kubernetes.

April 07, 2021

Catapult CX is launching the DevOps Institute’s (DOI) Assessment of DevOps Capabilities (ADOC).

April 07, 2021

Equinix announced that Tinkerbell, an all-in-one open source bare metal provisioning platform, has added significant new features since joining the Cloud Native Computing Foundation (CNCF) Sandbox program.