Skip to content

    Latest Posts

    Cloud Access Security: Ease of Access Considerations

    Diem Shin

    Lured by the promise of scalability, cost benefits, innovation and business growth, organizations are rapidly embracing the cloud for their IT resources and processing. In fact, Gartner predicts that by 2025, 80 percent of enterprises will have shut down their traditional data center in favor of cloud, versus 10% today.

    Read More

    DevSecOps: What is it, and Where to Start

    Josh Stella

    There is a lot of talk about DevSecOps these days, and we've been working in the area for years now and have learned some things that work and some that don't. First, we'll give you our view on what DevSecOps is, and then we'll make a few recommendations on how to start doing it and get real results in an hour or two!

    Read More

    Cloud Security: Automated Remediation Scripts vs. Self-Healing Infrastructure

    Josh Stella

    A lot of folks have realized that manually fixing cloud infrastructure to correct security and compliance issues is just too slow and error prone to handle the threat landscape on the cloud. An increasingly common approach to speeding up remediation these days is to use cloud functions, such as AWS Lambda or Azure Functions, connected to a threat detection tool, to remediate specific cloud misconfigurations.

    Read More

    Cloud Security Breaches and Human Errors

    Diem Shin

    All humans make mistakes and some of those mistakes could lead to security breaches. According to Gartner, through 2023 at least 99% of cloud security failures will be the customer’s fault. Many of these successful cyber-attacks will be a result of hackers preying on the vulnerabilities of human weakness to successfully gain access to an organization’s infrastructure and networks wreaking havoc and damage.

    Read More

    Cloud Infrastructure Drift: The Good, the Bad, and The Ugly

    Drew Wright

    Infrastructure misconfiguration is the leading cause of data breaches in the cloud, and a big reason misconfiguration happens is infrastructure configuration “drift,” or change that occurs in a cloud environment post-provisioning. If you’re responsible for the security and compliance of cloud environments, you probably spend a lot of time focused on analyzing infrastructure drift events and remediating them. It’s easy to think of all drift as being bad or undesirable. And make no mistake, some of it is really bad. Ugly even! But some drift is good and desired, and understanding the differences between the good, the bad, and the ugly--and how to recognize them--can save you and your team a lot of frustration and wasted time.

    Read More

    Top Tips for Preventing Cloud Misconfiguration

    Diem Shin

    In last week’s blog we discussed the Shared Responsibility Model and how it affects enterprises’ cloud security. Based on the Shared Responsibility Model, organizations are responsible for security in the cloud, which includes how they configure and use the resources provided by the cloud service providers. Falling within this realm are cloud resource configurations. Cloud configurations are complex and if not implemented correctly, can increase the risk of a data breach.

    Read More

    Cloud Security and the Shared Responsibility Model

    Diem Shin

    Security and compliance are priorities for companies in the cloud. However, cloud security and compliance is not the responsibility of any single entity alone and determining the demarcation line can lead to confusion. Security and compliance in the cloud is a shared responsibility between the cloud service providers (CSP) and their customers.

    Read More

    Automated Remediation for Cloud Misconfiguration: Three Different Approaches

    Diem Shin

    Whenever there's talk of the cloud, misconfiguration and the security risk it brings inevitably becomes a part of the conversation. And of course, once you start talking about cloud misconfiguration, “auto-remediation” often creeps into the conversation. But what does “auto-remediation” really mean? The concept of “auto-remediation” is that the solution finds problems or policy violations in your cloud infrastructure and automatically fixes them.

    Read More

    AWS re:Invent 2018: What Excited Us and What Surprised Us

    Fugue Team

    With AWS re:Invent 2018 now behind us, we wanted to share some of our reactions to the event and many of the announcements. It was an exciting time for Fugue, as we announced the availability of our new SaaS solution, an easy-to-use solution for finding compliance violations in your AWS environments, detecting infrastructure drift, and automatically remediating it when it occurs.

    Read More
    Fugue Developer

    Free Cloud Security for Engineers

    • Visualize your cloud infrastructure
    • Run policy checks and get feedback
    • Detect change and eliminate misconfiguration
    GET STARTED CONTACT SALES