In the cloud, developers now own the security posture of the enterprise because the cloud is fully software-defined and programmable. Getting the programming of cloud infrastructure wrong leads to misconfiguration, which is the number one cause of cloud-based data breaches.
The good news is that there are software engineering answers to the cloud security challenge. Open source policy as code tools can be used to validate policy for at-scale cloud infrastructure environments. Open Policy Agent (OPA) is a toolset and framework for cloud infrastructure policy as code, and Regula uses OPA to validate Terraform infrastructure as code before it is deployed.
Enterprise organizations have been using Fugue to gain visibility over their entire cloud footprint across multiple environments by empowering their engineering teams to innovate faster and more securely in the cloud. And individual engineers are using Fugue Developer for free to manage the security of their own environments.
A Fugue visualization of an AWS cloud infrastructure environment, including policy violations.
However, we heard from a number of cloud engineering teams that they need to collaborate on cloud security, but they don’t have multiple teams and environments to manage.
Introducing Fugue Team
We heard you, and today we’re excited to make available the Fugue Team plan. Fugue Team provides tools to visualize cloud environments, detect and eliminate misconfiguration, and run policy checks on infrastructure. Teams may use role based access control for building, accessing, and modifying cloud infrastructure environments, and the Fugue API for integrating cloud security into automated CI/CD pipelines to prevent cloud misconfiguration and policy violations.
Fugue Team is easy to adopt and use (it takes about 15 minutes to set up your first environment). Fugue Team supports custom rules using Open Policy Agent, Fugue Best Practices to protect against advanced cloud misconfiguration exploits, and compliance families such as CIS Foundations Benchmark for AWS and Azure, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI-DSS, and SOC 2.
Learn more about the Fugue Team plan and other available plans here.