Infrastructure Baselines

A Contract Between Security and DevOps

What is a Baseline?

A baseline is a snapshot of a “known-good” configuration of cloud infrastructure. It is a complete picture of a cloud environment and defines every resource with all of its attributes. This is more detailed than typical infrastructure as code, which may only define a resource and a small set of attributes but leaves out the default attributes.


A baseline is a snapshot of a "known-good" configuration.

Why Organizations Need Baselines

An infrastructure baseline enables stakeholders to examine all resources and decide together how the infrastructure meets internal and regulatory compliance standards.

The concept of a baseline makes possible:

  • A contract to align Security and DevOps teams on cloud compliance
  • An accurate and up-to-date of what is running in your cloud environment
  • The context to perform safe codeless auto-remediation via self-healing


Without the concept of a baseline, teams are incentivized to work at odds with each other.

How to Get Started with Baselining

  • Understand what is running and how it complies with security or compliance policies. This can take as little as 10 minutes.
  • Start by enforcing one or a few security requirements early in the development lifecycle and gradually add more as application functionality evolves.
  • DevOps can use automated tools to scan for policy violations as part of baselining.


Organizations can get started with baselining in as little as 10 minutes.

Secure Your Cloud

Start a free trial and see how Fugue can help you get started with baselines