Skip to content

    Latest Posts

    Introducing Fugue Compliance Suite: Stay Compliant in the Cloud

    Diem Shin

    We are thrilled to announce that the Fugue Compliance Suite is available today. The Compliance Suite is a set of validation libraries for provisioning and orchestrating infrastructure with Fugue. The prepackaged libraries help to enforce security and regulatory controls specified in compliance frameworks such as NIST 800-53, HIPAA, and GDPR, as well as best practices such as the AWS CIS Benchmarks.

    Read More

    A Day in the Life of a Cloud Misconfiguration

    Matthew Harvey

    Cloud infrastructure misconfiguration has emerged as the number one cause of data breaches in the cloud. Rather than application software vulnerabilities, it’s actually misconfigured network settings, firewall rules, storage access policies, and other cloud resources that put our data at most risk. We’ve talked a lot about the risk of cloud misconfiguration and why it’s critically important to have a Mean Time to Remediation (MTTR) for cloud infrastructure misconfiguration that’s measured in minutes, not hours or days. But why are cloud misconfiguration MTTRs more often measured in hours or days? And how many man-hours are teams wasting in their attempts to manage this problem? We work with a wide variety of enterprises using cloud at scale—from federal agencies to Fortune 500...

    Read More

    Securing AWS CloudFormation Stacks with Fugue

    Fugue Team

    Launched in 2011, AWS CloudFormation was a game changer because it was one of the first template-based, infrastructure-as-code (IaC) tools that provided the ability to express the full cloud infrastructure stack as configuration files. It wasn’t limited to the OS layer like traditional configuration management tools. However, organizations that operate on AWS under strict security rules and compliance regimes (i.e., HIPAA, PCI, NIST 800-53) need to make sure their infrastructure is created in accordance with the applicable security and regulatory policies—and stays aligned in the face of constant change. The Risk of Cloud Misconfigurations, Drift, and Policy Violations IaC tools like CloudFormation (CF) were not designed to address security and compliance comprehensively, and they...

    Read More

    Introducing Fugue Compliance Suite: Stay Compliant in the Cloud

    Diem Shin

    We are thrilled to announce that the Fugue Compliance Suite is available today. The Compliance Suite is a set of validation libraries for provisioning and orchestrating infrastructure with Fugue. The prepackaged libraries help to enforce security and regulatory controls specified in compliance frameworks such as NIST 800-53, HIPAA, and GDPR, as well as best practices such as the AWS CIS Benchmarks. As a reminder, a validation is a type of “policy as code” that tests your infrastructure. If a validation fails, such as determining that an S3 bucket has been defined in an unpermitted AWS region, then the infrastructure code will not compile and cannot be deployed. Our Compliance Suite validations ensure that infrastructure does not violate controls specified in a compliance framework. For...

    Read More

    Why You Should Care About Cloud Infrastructure Governance

    Drew Wright

    It’s never been easier or faster for companies using the cloud to deploy infrastructure on AWS. That’s the good news. The not-so-good news? You can’t move fast without compromising security, compliance, and control. Well, you can’t unless you automate your cloud infrastructure policies, including compliance and security . Hold that thought for a moment. Here are four common hurdles nearly every organization using the cloud encounters: Inconsistent enforcement of regulatory compliance policies (PCI, HIPAA, NIST 800-53) Uneven use of internal governance policies Uncontrolled shadow IT, ad hoc automation, and tooling sprawl Increased demand for cloud expertise Viewed from a higher level, companies using the cloud need to see all resources running across environments, accounts,...

    Read More

    No Matter How You Built Your Cloud…

    Racquel Yerbury

    No matter how you built your cloud—no matter what tools or services you’ve used to provision an application’s infrastructure—you can migrate existing workloads to Fugue easily and securely with no downtime. At AWS re:Invent this week, November 27 - December 1, test out Fugue’s automated infrastructure governance with our team at booth 1600 or explore Fugue’s new migration and enhanced compliance capabilities at www.fugue.co/migrate . By migrating to Fugue, enterprises, agencies, and DevSecOps teams in any organization centralize their control and visibility of systems running in the cloud, while accelerating secure deployments and updates. Human error—typical with scaled, enterprise infrastructure and costly in dollars and consumer trust—is drastically reduced since Fugue highlights...

    Read More

    Get Your Cloud, See Your Cloud—A Full View with Fugue

    Racquel Yerbury

    One of the most difficult things to understand about the cloud is the shape and extent of your overall application in it, whether you’re manually building your app’s infrastructure using the AWS Console or CLI, or scripting it using CloudFormation or another provisioning tool. Solutions architects, developers, and systems administrators make countless diagrams for customers and internal teams trying to provide a consumable, accurate view of what’s running or what a team would like to deploy. We’ve all learned the hard way that doing this manually is both error prone and quickly out of date. Fugue’s Composer, part of the original vision of Fugue, maps your application’s cloud infrastructure with automated, interactive diagrams that show your whole system in real time and the...

    Read More

    A Holiday Season Kickoff at AWS re:Invent 2016 — Gifts From the Cloud

    Racquel Yerbury

    We’re a couple of weeks out of re:Invent and its dizzying buzz—the slew of service and feature announcements, the industry tracks and community meetings, the Mini Cons, the integration and how-to session deep dives, the intensive networking, the mall of sponsors with every manner of product presentation … even festive bling from the ever-present registration DJ. We’ve had some time to digest what we saw and learned this time around and to think about a few of the more compelling offerings. In this post, we’re not going to recap the full laundry list of new services introduced or feature enhancements (many especially targeted at enterprise). Good overviews are abundant; here are ones from InfoQ, VentureBeat, and Rackspace. Instead, let’s zero in on a handful of provocative...

    Read More

    Why We Built Ludwig — a DSL for the Cloud of Today and the Future

    Josh Stella

    The approach taken by Fugue is to allow cloud infrastructure to be treated as code. This concept is required if developers are to generate applications that can exploit the cloud's capabilities and deliver on the promise of immutable infrastructure. -Ovum's On The Radar report on Fugue Fugue provides simplification of your life on the cloud through abstractions. Abstractions can be expressed in one of two ways: as black boxes, or as language. Fugue puts as much into language as we can, so that you can do things with it that we didn't predict. Black boxes are easier for a platform builder to make, because they do things in one particular way. They are also less flexible for the user, because they do things in one particular way, which may not be the way the user needs or prefers.

    Read More

    Fugue Computing: Next Generation Infrastructure Automation Is Here

    Josh Stella

    As we migrate applications to the cloud or build there natively, cloud computing itself is changing how we compose and operate our systems. We increasingly compose systems of elastic collections of services running on many compute instances. We now commonly employ application statelessness in order to exploit cloud system elasticity and to achieve the performance required of web scale systems. As we make these changes, we discover that systems management, operations, policy enforcement, and security in the cloud cannot be accomplished easily with tools and methods adapted from traditional data center environments. Our reality is that the elastic compute systems of any given enterprise are now distributed across tens, hundreds, thousands or more nodes running an ever-growing array of...

    Read More
    Fugue Developer

    Free Cloud Security for Engineers

    • Visualize your cloud infrastructure
    • Run policy checks and get feedback
    • Detect change and eliminate misconfiguration
    GET STARTED CONTACT SALES