- One policy engine for infrastructure as code and runtime environments
- Infrastructure as code checks for Terraform and AWS CloudFormation
- Multi-resource rule capabilities that catch vulnerabilities others miss
- Interactive, exportable maps of your environment and security posture
- Built on Open Policy Agent (OPA)—the open standard for policy as code
Read Latest Blog Posts
You may already know that Regula, Fugue's open-source policy engine that uses Open Policy Agent (OPA) for checking infrastructure as code (IaC), can evaluate Terraform and AWS CloudFormation templates for security issues. But did you know that you can use Regula to secure your AWS Cloud Development Kit (CDK) apps, too?
Cloud security has long been focused squarely on the cloud runtime environment to keep infrastructure free of misconfiguration vulnerabilities that can open the door to hackers and lead to data leaks and breaches. It is reasonable considering most (if not all) cloud-based security incidents result from customer mistakes in the form of cloud resource misconfiguration. Gartner calls this Cloud Security Posture Management, or CSPM.