When there’s a data breach involving Amazon Web Services (AWS), more often than not it involves the Amazon S3 object storage service. The service is incredibly popular. Introduced way back in 2006 when few knew what the cloud was, S3 is highly scalable, reliable, and easy to use. But getting the security of S3 right—and making sure it stays.
Cloud misconfiguration remains the top cause of data breaches in the cloud, and the COVID-19 crisis is making the problem worse. These are among the findings of Fugue’s new State of Cloud Security 2020 Report.
Employers across the U.S. and around the world are rapidly shifting to a mandatory work-from-home (WFH) arrangement to help slow the spread of the coronavirus (COVID-19). Even for organizations already operating with team members working from.
In the cloud, developers now own the security posture of the enterprise because the cloud is fully software-defined and programmable. Getting the programming of cloud infrastructure wrong leads to misconfiguration, which is the number one cause of cloud-based data breaches.
Today we announced Regula, an open source tool for evaluating Terraform infrastructure as code for potential security misconfigurations and compliance violations. Regula uses the open source Open Policy Agent(OPA) policy framework and Rego query language, which have gained significant traction in the Kubernetes community and scale to cloud.
When it comes to cloud infrastructure security, two trends emerged in a big way in 2019: headline-producing cloud-native exploits, and the developer movement to address these threats using secure engineering approaches.
On January 1, 2020, the California Consumer Privacy Act (CCPA), California’s answer to GDPR, goes into effect. Like GDPR, the CCPA is delivering anxiety and dread to executives, marketers, compliance officers, and engineers everywhere. As we learned from numerous conversations at the AWS re:Invent 2019 conference last week, engineers.
Today, we announced Fugue Developer, a free tier designed for individual engineers to build and maintain secure cloud infrastructure in highly dynamic and regulated cloud environments. Get started here and you'll have a visualization of your AWS or Azure environment in minutes.
Adopting the Rego policy language and the Open Policy Agent (OPA) engine for Fugue’s cloud security SaaS product has paid real dividends for us and our customers. It enables Fugue users to easily create custom policies for their cloud infrastructure environments using open source tools, and it’s helped us implement out-of-the-box policy as code.
Most organizations now recognize the importance of cloud security, likely due in large part to the sharp uptick in cloud-based data breaches resulting from cloud misconfiguration. Achieving and maintaining the secure configuration of their cloud infrastructure resources—sometimes referred to as Cloud Security Posture Management (CSPM)—is now a.