Skip to content

    Latest Posts

    An Introduction to Cloud Security for Infosec Professionals

    Richard Park

    As someone who has spent a long time in network and endpoint security and then moved to cloud security, I can sympathize with people with security backgrounds who want to learn more about the cloud and cloud security concepts. AWS, EC2, CMK, KMS, IAM, SQS, etc.? It can seem like a big alphabet soup of unfamiliar acronyms. And lots of questions come up. How can I know whether a cloud provider encrypts a service by default or if I must specify it? What is the difference between a queue and a topic? Does CMK stand for customer-managed key or customer master key?

    Read More

    Why Ransomware Attacks Steer Clear of the Cloud

    Josh Stella

    Ransomware made news headlines worldwide earlier this month after asuccessful attack against one of Toyota Motor Corp.’s parts suppliers forced the automaker to shut down 14 factories in Japan for a day, halting their combined output of around 13,000 vehicles.

    Read More

    Fugue Achieves AWS Security Competency Status

    Drew Wright

    Fugue recently achieved Amazon Web Services (AWS) Security Competency status. Our customers, including Red Ventures, Ericsson, and Wabtec use Fugue to establish cloud security visibility and policy-based governance across the software development life cycle. Attaining this designation from AWS recognizes that Fugue demonstrates proven technology that helps customers achieve their cloud security goals.

    Read More

    6 Big AWS IAM Vulnerabilities – and How to Avoid Them

    Becki Lee

    What’s a cloud vulnerability? In the simplest terms, it’s an exploitable weakness in a cloud environment. Vulnerabilities are commonly caused by cloud resource misconfigurations and can lead to breaches and security failures — especially when the vulnerability is related to Identity and Access Management (IAM).

    Read More
    1 2 3 4 5
    Fugue Developer

    Free Cloud Security for Engineers

    • Visualize your cloud infrastructure
    • Run policy checks and get feedback
    • Detect change and eliminate misconfiguration