Skip to content

    Latest Posts

    Building a Secure Amazon S3 Bucket (AWS)

    Josh Stella

    Much has been said about Amazon S3 security on Amazon Web Services (AWS) in the press and technical publications, and much of it is oversimplified and of limited practical use. Amazon S3 is an incredibly simple cloud service to use, but adequately securing your S3 resources is anything but simple, as too many organizations have discovered.

    Read More

    Fugue Sees 49% Spike in Cloud Security Product Usage Since Start of COVID-19 Crisis

    Drew Wright

    The COVID-19 crisis has a profound impact on just about every business, and for cloud engineering and security teams, the rapid and near universal transition to 100% work-from-home has created significant new cloud security risks. Our State of Cloud Security Report, based on our industry survey conducted in late March, showed that 84% of IT professionals are worried about new cloud security vulnerabilities created during the pandemic.

    Read More

    Zombie Cloud Infrastructure is a Major Security Risk

    Drew Wright

    One aspect of cloud computing platforms like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) is that it’s easier to create infrastructure resources than it is to destroy them. Even more challenging is maintaining full visibility over all of your cloud resources. Corey Quinn once said, and I’m paraphrasing, “the only way to see everything you have running in your AWS account is to look at your AWS bill.”

    Read More

    Developers Now Own Security, and That's a Good Thing

    Josh Stella

    Software is eating the world. In the age of cloud computing, developers now own the security posture of your enterprise because the cloud is fully software-defined and programmable. If that scares you, it's because you haven't given your developers the tools to create secure systems. The good news is that you can, but you need to change how you think about security.

    Read More

    A Technical Analysis of the Capital One Cloud Misconfiguration Breach

    Josh Stella

    UPDATE: August 26, 2019Since posting this, AWS has made some public statements regarding the breach that shed some light on what likely happened. From their response to Senator Ron Wyden, AWS stated:"As Capital One outlined in their public announcement, the attack occurred due to a misconfiguration error at the application layer of a firewall installed by Capital One, exacerbated by permissions set by Capital One that were likely broader than intended. After gaining access through the misconfigured firewall and having broader permission to access resources, we believe a SSRF attack was used (which is one of several ways an attacker could have potentially gotten access to data once they got in through the misconfigured firewall." "As discussed above, SSRF was not the primary factor in...

    Read More

    The 5 Biggest Myths in Cloud Security (And How to Avoid Getting Burned)

    Drew Wright

    Enterprise cloud adoption is in full swing, therefore cloud security and compliance has become a top priority. Security in the cloud requires different approaches than in the datacenter—and a different mindset. Demonstrating this are movements like DevOps, DevSecOps, and Shift Left, which have begun to transform how Cloud Security Posture Management (CSPM) is done with automation using tools like infrastructure as code and policy as code.

    Read More

    Fugue Now Available for AWS GovCloud

    Diem Shin

    Fugue is excited to announce support for AWS GovCloud. This enables public sector customers to leverage public cloud resources while remaining compliant. Our product supports AWS GovCloud regions which meets specific regulatory and compliance requirements for US government agencies such FedRAMP High and ITAR.

    Read More

    4 Benefits of Visualizing Your Cloud Infrastructure

    Diem Shin

    As organizations increase their cloud footprint, gaining visibility into their cloud resources becomes an arduous but essential task. It is critical to understand how your cloud resources are provisioned and configured as well as identifying any misconfigurations. Many security and compliance teams address these needs by working with system architects to manually create architecture diagrams for reporting based on cloud console configuration settings, log records, and AWS Config data. This process is tedious and time consuming and not scalable for enterprises with large cloud workloads.

    Read More

    Addressing Cloud Security with Infrastructure Baselines

    Diem Shin

    At Fugue, we are obsessed with infrastructure baselines and especially with how they are utilized to correct cloud resource misconfiguration and drift—the leading cause of cloud-based data breaches. Baselines are a relatively new concept, so we thought an informative blog post about baselines, what they are, why organizations need them, and how organizations can get started with baselines, would be a great introduction to baselines. So let’s get started.

    Read More
    1 2 3 4 5
    Fugue Developer

    Free Cloud Security for Engineers

    • Visualize your cloud infrastructure
    • Run policy checks and get feedback
    • Detect change and eliminate misconfiguration
    GET STARTED CONTACT SALES