Skip to content

    Latest Posts

    The 5 Biggest Myths in Cloud Security (And How to Avoid Getting Burned)

    Drew Wright

    Enterprise cloud adoption is in full swing, therefore cloud security and compliance has become a top priority. Security in the cloud requires different approaches than in the datacenter—and a different mindset. Demonstrating this are movements like DevOps, DevSecOps, and Shift Left, which have begun to transform how Cloud Security Posture Management (CSPM) is done with automation using tools like infrastructure as code and policy as code.

    Read More

    Fugue Now Available for AWS GovCloud

    Diem Shin

    Fugue is excited to announce support for AWS GovCloud. This enables public sector customers to leverage public cloud resources while remaining compliant. Our product supports AWS GovCloud regions which meets specific regulatory and compliance requirements for US government agencies such FedRAMP High and ITAR.

    Read More

    4 Benefits of Visualizing Your Cloud Infrastructure

    Diem Shin

    As organizations increase their cloud footprint, gaining visibility into their cloud resources becomes an arduous but essential task. It is critical to understand how your cloud resources are provisioned and configured as well as identifying any misconfigurations. Many security and compliance teams address these needs by working with system architects to manually create architecture diagrams for reporting based on cloud console configuration settings, log records, and AWS Config data. This process is tedious and time consuming and not scalable for enterprises with large cloud workloads.

    Read More

    Addressing Cloud Security with Infrastructure Baselines

    Diem Shin

    At Fugue, we are obsessed with infrastructure baselines and especially with how they are utilized to correct cloud resource misconfiguration and drift—the leading cause of cloud-based data breaches. Baselines are a relatively new concept, so we thought an informative blog post about baselines, what they are, why organizations need them, and how organizations can get started with baselines, would be a great introduction to baselines. So let’s get started.

    Read More

    Fugue is Now a Single, Unified Solution for Cloud Security and Compliance

    Drew Wright

    Since AWS re:Invent 2018, Fugue has supported two different products: the self-hosted Fugue Platform and the newer Software as a Service (SaaS) Fugue Risk Manager product. Today, we’re thrilled to announce that we have merged capabilities from the two products into a single, unified SaaS solution for autonomous cloud infrastructure security and compliance. Our product is now simply called Fugue.

    Read More

    Shift Left on Cloud Security, Part II - Phases of the SDLC

    Josh Stella

    In an earlier blog post, we discussed at a high level how security can shift left regarding cloud infrastructure. In this post, we'll drill in with more detail on how this can be done through the discrete phases of the Software Development Life Cycle (SDLC), beginning with the development phase, and extending through testing, and ultimately all the way to deployment and ongoing operations.

    Read More

    PCI Compliance Simplified

    Diem Shin

    PCI compliance. You’ve heard about it. You need it, but you are not quite sure what it's about and what’s involved to achieve PCI compliance for the cloud. In this blog, we are delving deeper into PCI compliance: the requirements that are relevant for organizations in the cloud, which organizations should be concerned with PCI, and how to achieve PCI compliance for your cloud infrastructure.

    Read More

    Understanding Amazon S3 Security and Compliance on AWS

    Drew Wright

    If your organization uses Amazon Web Services (AWS) for cloud computing, chances are that Amazon S3, or Amazon Simple Storage Service, gets a lot of use. The object storage service was one of the first cloud services offered by AWS (way back in 2006!), and it’s ease of use, reliability, and scalability have proven incredibly popular.

    Read More

    Shifting Left on Cloud Security and Compliance

    Josh Stella

    We're hearing a lot about “shifting left” these days in the industry, and like most popular terms the meaning can be hard to pin down, and some of the implications buried. This post will focus on how to shift security and compliance left in cloud computing. These two functions are closely related, but the operational aspect of each is quite different. However, before we get into specifics, it might be helpful to define what we mean by shifting left in general.

    Read More
    Fugue Developer

    Free Cloud Security for Engineers

    • Visualize your cloud infrastructure
    • Run policy checks and get feedback
    • Detect change and eliminate misconfiguration
    GET STARTED CONTACT SALES