Today, we announced Fugue Developer, a free tier designed for individual engineers to build and maintain secure cloud infrastructure in highly dynamic and regulated cloud environments. Get started here and you'll have a visualization of your AWS or Azure environment in minutes.

Software developers now own the security of their cloud infrastructure, and that’s who Fugue Developer serves. Fugue Developer provides tools to visualize cloud infrastructure environments, detect resource misconfiguration and policy violations, report on compliance, and understand infrastructure change.

viz-animated-resized-optimized

We're excited about making Fugue Developer available to you for free. Let’s take a closer look.

Cloud Visualization: Discovery with Fugue Developer

Keeping track of the cloud resources you have running and how they’re configured across accounts and regions, involves countless hours clicking through consoles, updating spreadsheets, and manually creating infrastructure diagrams. Corey Quinn once said (and I paraphrase): “the only way to see everything you have running in your AWS account is to look at your AWS bill.”

Fugue Developer changes this by taking a snapshot of your cloud environment, building a complete model of the configuration state, and generating dynamic visualizations so you can see what you have running and the relationships between resources. Generate new visualizations on a schedule and use the Fugue API to kick them off with each deployment. No more manually auditing cloud environments or wasting time with diagramming tools.

First time Fugue users often discover orphaned resources, redundant VPCs and security groups, crypto-mining instances, and other critical cloud infrastructure issues that become readily apparent when visualized.

viz-fugue-developer-for-release-edit-1

Cloud Compliance: Policy as Code with Fugue Developer

Cloud infrastructure environments are too vast, complex, and dynamic to address with traditional security and compliance approaches such as manual audits, checklists, and scan/alert tools. The tradeoffs between agility and security in the cloud usually results in neither. And those in a position to make a difference—software developers—are left hamstrung and frustrated.

Policy as code is the answer, and Fugue Developer uses the open source Open Policy Agent (OPA) and Rego policy language—not some limited proprietary language. Custom cloud infrastructure policy with Fugue Developer is extremely flexible and scalable, and creating policies is straightforward. And we just open sourced the Fugue Rego Toolkit (Fregot) to help developers easily evaluate Rego expressions, debug code, and test policies.

Fregot-Custom-Cloud-Policy

Fugue Developer also comes with support for CIS Foundations Benchmarks for Amazon Web Services (AWS) and Microsoft Azure out of the box. And you can apply the Fugue Best Practices Framework to your environment to detect advanced cloud misconfiguration vulnerabilities that industry standards such as CIS won’t catch.

Use Fugue Developer to create daily compliance reports for your cloud environment.

Blog Post Best Practices-3

Understanding the Impact of Cloud Change with Fugue Developer

In the cloud, change is the only constant. And all that change brings constant risk of resource misconfiguration and policy violations. As important as it is to prevent misconfiguration before it gets deployed, it’s equally important to detect dangerous changes when they occur so you can correct them before they’re exploited.

Use Fugue Developer to snapshot your cloud environment before and after each deployment to check that desired changes occurred as intended, and nothing else. Fugue Developer will let you know if changes violated policy, and the feedback Fugue provides helps you correct them quickly and move on. Use Fugue’s API or CLI to automate snapshots and policy validations in each stage of the software development lifecycle (SDLC), such as dev, test, staging, and prod.

Fugue’s visualization tool comes in handy when checking that changes made to your environment are good ones. No more spelunking through logs and cloud consoles to validate your deployments.

While we’d all prefer that change only occurs via our approved and automated channel (i.e. CI/CD pipeline or deployment tool), that’s no one’s reality. New Fugue users are often surprised to discover just how much change happens to their environment out of band. Fugue detects changes with each snapshot (which can be scheduled or triggered via the Fugue API or CLI) so you can quickly identify misconfiguration vulnerabilities and correct them.

Drift-in-Fugue

To protect security-critical cloud resources, use Fugue Developer to detect and remediate unauthorized changes (i.e. “drift”) without having to code and manage a bag of scripts or bots. Simply create a Fugue environment containing your critical resources that shouldn’t change out-of-band (e.g. VPCs, security groups; S3 buckets), baseline the environment, and tell Fugue to enforce the baseline. Fugue reverts any change back to your baseline when it detects drift.

Get Fugue Developer Now. It’s Free Forever.

Fugue Developer is available now for individual engineers here.

It takes just minutes to get up and running with Fugue Developer and you’ll have a full picture of your cloud infrastructure environment and security posture.

You'll receive a 30-day free trial of Fugue Enterprise, after which you can choose to purchase Fugue Enterprise or transition to Fugue Developer. Fugue Enterprise supports unlimited users and environments, and provides additional out-of-the-box support for NIST 800-53, PCI, HIPAA, SOC 2, GDPR, and ISO 27001.

Fugue Developer: Free Cloud Security and Visualization for Engineers

Cloud Visualization: Discovery with Fugue Developer

Cloud Compliance: Policy as Code with Fugue Developer

Understanding the Impact of Cloud Change with Fugue Developer

Get Fugue Developer Now. It’s Free Forever.

Categorized Under

Search

Related posts

Popular Categories

Featured Posts

Get Started with Fugue Today

Trending Topics

Cloud Security Posture Management

Infrastructure as Code and Security

AWS Cloud Security

Azure Cloud Security

Cloud Security for Google Cloud Platform

DevSecOps for Cloud Infrastructure Security

CIS AWS Foundations Benchmark

CIS Azure Foundations Benchmark

Fugue Best Practices Policy Framework

GDPR

HIPAA

ISO 27001

NIST 800-53

PCI

SOC 2 Cloud Compliance

Popular Blogs

Five Steps to a Secure Cloud Architecture

An Introduction to Cloud Security for Infosec Professionals

9 Questions You Should Ask About Your Cloud Security

Events

News

Fugue Extends Cloud Security Market Dominance in Customer Satisfaction, According to G2 Report

Snyk Acquires Fugue, Enters Cloud Security Market

Fugue Achieves AWS Security Competency Status

Fugue Leads Cloud Compliance Market in Customer Satisfaction, According to G2 Report

Fugue Leads Cloud Security Market in Customer Satisfaction, According to G2 Report

Fugue Adds Centralized Multicloud Security Visibility and Policy-Based Governance Capabilities

Fugue Adds AWS Well-Architected Framework to Its Policy as Code Engine for Full Life Cycle Cloud Security

Fugue and CWS Team Up to Close Enterprise Cloud Security Gaps with End-to-End Policy as Code Enforcement

Fugue Adds Kubernetes Security Checks to its SaaS Platform and Open Source Regula Project

Fugue Announces Unified Infrastructure as Code and Cloud Runtime Security

Resources

Submit a Ticket

Documentation

Pricing

API

Guarantee

Login

Contact Us

Security

Privacy Policy

Careers

Schedule Demo

Product Videos

Press

Events

Library