Blog (3)

Locking Down the Security of AWS IAM

Becki Lee February 8, 2021

This post is based on the Fugue's Cloud Security Masterclass series focused on AWS IAM security.

Our Partnership with Sonatype: Securing the Modern Cloud Attack Surface

Drew Wright November 12, 2020

Today, Sonatype and Fugue have partnered to deliver the tools developers and operations need to address every meaningful cloud attack surface and ensure compliance at every stage of the SDLC with a single unified solution. Read the press release here.

Cloud Network Security 101: Azure Service Endpoints vs. Private Endpoints

Becki Lee October 8, 2020

Azure offers two similar but distinct services to allow virtual network (VNet) resources to privately connect to other Azure services. Azure VNet Service Endpoints and Azure Private Endpoints (powered by Azure Private Link) both promote network security by allowing VNet traffic to communicate with service resources without going over the internet, but there are some differences. This three-part blog series goes into detail about both services.

Thinking Like a Cloud Hacker: Part 1

Josh Stella September 30, 2020

This is a companion post to our Cloud Security Masterclass on the subject. Our objective is to examine some real world, published cloud exploits and examine both the motivations and techniques of the hackers responsible for them so that you can understand who you are up against, how and why they act, and how to better protect your cloud infrastructure.

Cloud Network Security 101: Azure Private Link & Private Endpoints

Becki Lee September 25, 2020

Azure offers two similar but distinct services to allow virtual network (VNet) resources to privately connect to other Azure services. Azure VNet Service Endpoints and Azure Private Endpoints (powered by Azure Private Link) both promote network security by allowing VNet traffic to communicate with service resources without going over the internet, but there are some differences. This three-part blog series goes into detail about both services.

5 tips for using the Rego language for Open Policy Agent (OPA)

Jasper Van der Jeugt September 18, 2020

At Fugue, we’re pretty fond of Open Policy Agent (OPA), and we’ve written a lot of Rego code to keep cloud resources secure. So we’ve put together the most valuable lessons we’ve learned in the process.

Cloud Network Security 101: Azure Virtual Network Service Endpoints

Becki Lee September 17, 2020

Microsoft Azure offers two similar but distinct services to allow virtual network (VNet) resources to privately connect to other Azure services. Azure VNet Service Endpoints and Azure Private Endpoints (powered by Azure Private Link) both promote network security by allowing VNet traffic to communicate with service resources without going over the internet, but there are some differences.

Building a Secure Amazon S3 Bucket (AWS)

Josh Stella September 8, 2020

Much has been said about Amazon S3 security on Amazon Web Services (AWS) in the press and technical publications, and much of it is oversimplified and of limited practical use. Amazon S3 is an incredibly simple cloud service to use, but adequately securing your S3 resources is anything but simple, as too many organizations have discovered.

Introducing Zim: A caching build system for teams using monorepos

Drew Wright September 2, 2020

Zim is a caching build system that is ideal for software development teams using monorepos that contain many components and dependencies. Zim provides for fast incremental, parallel builds across a team and is entirely language agnostic with built-in support for cross-platform builds via Docker. Zim is available as an open source project hosted on GitHub.

Introducing the Engineer’s Handbook on Cloud Security

Drew Wright August 26, 2020

“The cloud has radically changed the IT security landscape. The vulnerability surface is different. Attackers operate differently. And how you go about keeping your data safe needs to be different.”

Blog

Latest Posts

Featured Posts

Free Cloud Security for Engineers

Get Started with Fugue Today

Trending Topics

Cloud Security Posture Management

Infrastructure as Code and Security

AWS Cloud Security

Azure Cloud Security

Cloud Security for Google Cloud Platform

DevSecOps for Cloud Infrastructure Security

CIS AWS Foundations Benchmark

CIS Azure Foundations Benchmark

Fugue Best Practices Policy Framework

GDPR

HIPAA

ISO 27001

NIST 800-53

PCI

SOC 2 Cloud Compliance

Popular Blogs

To Err Is Human, and That’s What Hackers Are Counting On

An Optimistic Outlook for 2022: Cloud Security Vulnerabilities Are 100% Preventable

Cloud Security Buyers Give Fugue a Perfect NPS Score, Highest Customer Satisfaction Marks [G2]

Events

News

Fugue Leads Cloud Security Market in Customer Satisfaction, According to G2 Report

Fugue Adds Centralized Multicloud Security Visibility and Policy-Based Governance Capabilities

Fugue Adds AWS Well-Architected Framework to Its Policy as Code Engine for Full Life Cycle Cloud Security

Fugue and CWS Team Up to Close Enterprise Cloud Security Gaps with End-to-End Policy as Code Enforcement

Fugue Adds Kubernetes Security Checks to its SaaS Platform and Open Source Regula Project

Fugue Announces Unified Infrastructure as Code and Cloud Runtime Security

Risk of Cloud Breaches Rising, Teams Struggling to Address Them, Fugue and Sonatype Survey Finds

Fugue Announces Regula v1.0 for Open Source Infrastructure as Code Security

Fugue Expands Go-To-Market Leadership Team to Accelerate Growth in Cloud Security Market

Fugue Announces The Fugue Guarantee for Cloud Security and Compliance

Resources

Submit a Ticket

Documentation

Pricing

API

Guarantee

Login

Contact Us

Security

Privacy Policy

Careers

Schedule Demo

Product Videos

Press

Events

Library