For twelve years I’ve held executive management positions at companies making significant use of the cloud. Now I have the privilege of helping lead Fugue, a leading provider of cloud security and compliance solutions. Along the way I’ve found that senior executives—both at technology companies and outside the tech industry—sometimes struggle.

If you consider how rapidly organizations are increasing their cloud footprint, ensuring compliance with the different compliance standards can get challenging very quickly. Here at Fugue, we aim to make compliance easy, so in this blog, we are going to break down the complexities associated with SOC 2 compliance.

We’re thrilled that DeveloperWeek NYC has awarded Fugue a DevProject Award for the work our amazing engineering and product teams delivered to bring our Software as a Service (SaaS) solution for cloud security and compliance to market.

In the last part of this series, we're going to look at the final stages of the software development life cycle (SDLC)—deployment and operations. As a reminder, in parts one and two, we discussed the overall concept of shifting left for security and compliance, and laid out some best practices for how to do so during the development and testing.

Enterprise cloud adoption is in full swing, therefore cloud security and compliance has become a top priority. Security in the cloud requires different approaches than in the datacenter—and a different mindset. Demonstrating this are movements like DevOps, DevSecOps, and Shift Left, which have begun to transform how Cloud Security Posture.

Fugue is excited to announce support for AWS GovCloud. This enables public sector customers to leverage public cloud resources while remaining compliant. Our product supports AWS GovCloud regions which meets specific regulatory and compliance requirements for US government agencies such FedRAMP High and ITAR.

As organizations increase their cloud footprint, gaining visibility into their cloud resources becomes an arduous but essential task. It is critical to understand how your cloud resources are provisioned and configured as well as identifying any misconfigurations. Many security and compliance teams address these needs by working with system.

At Fugue, we are obsessed with infrastructure baselines and especially with how they are utilized to correct cloud resource misconfiguration and drift—the leading cause of cloud-based data breaches. Baselines are a relatively new concept, so we thought an informative blog post about baselines, what they are, why organizations need them, and how.

Since AWS re:Invent 2018, Fugue has supported two different products: the self-hosted Fugue Platform and the newer Software as a Service (SaaS) Fugue Risk Manager product. Today, we’re thrilled to announce that we have merged capabilities from the two products into a single, unified SaaS solution for autonomous cloud infrastructure security and.

In an earlier blog post, we discussed at a high level how security can shift left regarding cloud infrastructure. In this post, we'll drill in with more detail on how this can be done through the discrete phases of the Software Development Life Cycle (SDLC), beginning with the development phase, and extending through testing, and ultimately all.