When there’s a data breach involving Amazon Web Services (AWS), more often than not it involves the Amazon S3 object storage service. The service is incredibly popular. Introduced way back in 2006 when few knew what the cloud was, S3 is highly scalable, reliable, and easy to use. But getting the security of S3 right—and making sure it stays.

Cloud misconfiguration remains the top cause of data breaches in the cloud, and the COVID-19 crisis is making the problem worse. These are among the findings of Fugue’s new State of Cloud Security 2020 Report.

Employers across the U.S. and around the world are rapidly shifting to a mandatory work-from-home (WFH) arrangement to help slow the spread of the coronavirus (COVID-19). Even for organizations already operating with team members working from.

Fugue performs more than 100 million policy validations a day in order to identify compliance violations for cloud infrastructure environments at scale. These policy-as-code validations are written in Rego, the policy language for the Open Policy Agent (OPA) engine. To enhance the process of writing and debugging Rego policies, we recently.

 Today, we announced Fugue Developer, a free tier designed for individual engineers to build and maintain secure cloud infrastructure in highly dynamic and regulated cloud environments. Get started here and you'll have a visualization of your AWS or Azure environment in minutes. 

Today we released the Fugue Best Practices Framework to help software engineering teams identify and remediate the kinds of dangerous cloud resource misconfigurations used in recent data breaches that aren’t addressed by common compliance frameworks (see A Technical Analysis of the Capital One Cloud Misconfiguration Breach).

Cloud computing platforms like Microsoft Azure and Amazon Web Services (AWS) are powerful because we can program them to respond to our application requirements automatically. Engineers can innovate really fast, spinning resources up and down on demand, and we only pay for what we use.

Just like the challenges of managing large cloud infrastructure operations led to the development of infrastructure as code, ensuring the security and compliance of those environments led to policy as code. Cloud infrastructure environments are simply too vast, complex and dynamic to address with traditional security approaches such as manual.

Cloud Security Posture Management (CSPM) is a category defined by Gartner to address the growing needs of public cloud IaaS and PaaS services to address the challenges of misconfiguration. According to Gartner, nearly all successful attacks on cloud services are the result of customer misconfiguration, mismanagement, and mistakes. A single.

One aspect of cloud computing platforms like Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) is that it’s easier to create infrastructure resources than it is to destroy them. Even more challenging is maintaining full visibility over all of your cloud resources. Corey Quinn once said, and I’m paraphrasing, “the only.