Today, Fugue added out-of-the-box support for Payment Card Industry Data Security Standards (PCI) to give enterprises full PCI compliance visibility and reporting across their entire cloud footprint. PCI joins HIPAA, NIST 800-53, GDPR, and AWS CIS Benchmark as part of Fugue’s turnkey solution for ensuring cloud infrastructure environments.

Lured by the promise of scalability, cost benefits, innovation and business growth, organizations are rapidly embracing the cloud for their IT resources and processing.  In fact, Gartner predicts that by 2025, 80 percent of enterprises will have shut down their traditional data center in favor of cloud, versus 10% today.

There is a lot of talk about DevSecOps these days, and we've been working in the area for years now and have learned some things that work and some that don't. First, we'll give you our view on what DevSecOps is, and then we'll make a few recommendations on how to start doing it and get real results in an hour or two!

A lot of folks have realized that manually fixing cloud infrastructure to correct security and compliance issues is just too slow and error prone to handle the threat landscape on the cloud. An increasingly common approach to speeding up remediation these days is to use cloud functions, such as AWS Lambda or Azure Functions, connected to a.

All humans make mistakes and some of those mistakes could lead to security breaches. According to Gartner, through 2023 at least 99% of cloud security failures will be the customer’s fault. Many of these successful cyber-attacks will be a result of hackers preying on the vulnerabilities of human weakness to successfully gain access to an.

Infrastructure misconfiguration is the leading cause of data breaches in the cloud, and a big reason misconfiguration happens is infrastructure configuration “drift,” or change that occurs in a cloud environment post-provisioning. If you’re responsible for the security and compliance of cloud environments, you probably spend a lot of time.

In last week’s blog we discussed the Shared Responsibility Model and how it affects enterprises’ cloud security. Based on the Shared Responsibility Model, organizations are responsible for security in the cloud, which includes how they configure and use the resources provided by the cloud service providers. Falling within this realm are cloud.

Security and compliance are priorities for companies in the cloud. However, cloud security and compliance is not the responsibility of any single entity alone and determining the demarcation line can lead to confusion. Security and compliance in the cloud is a shared responsibility between the cloud service providers (CSP) and their customers.

Whenever there's talk of the cloud, misconfiguration and the security risk it brings inevitably becomes a part of the conversation. And of course, once you start talking about cloud misconfiguration, “auto-remediation” often creeps into the conversation. But what does “auto-remediation” really mean? The concept of “auto-remediation” is that the.

With AWS re:Invent 2018 now behind us, we wanted to share some of our reactions to the event and many of the announcements. It was an exciting time for Fugue, as we announced the availability of our new product, Risk Manager, an easy-to-use solution for finding compliance violations in your AWS environments, detecting infrastructure drift, and.