Skip to content

    Latest Posts

    Overcoming the Cultural Divide Between DevOps and Security Teams

    Richard Park

    Organizations are excited about the cloud and what it can do for their business. Cloud computing offers the promise of services at elastic speed and DevOps teams are embracing the opportunity to innovate at speed and efficiently scale. The ability to easily bring up thousands of servers within minutes, however, also introduces security and compliance issues. Security and compliance issues are often neglected or avoided because of the perception that adding security will dramatically slow the pace of development. DevOps and security teams may seem to have opposing interests at times. Development teams who deploy apps in the cloud are used to moving fast and having the freedom to deploy whatever resources they need to accomplish their goals. They are not security and compliance...

    Read More

    Cloud Security and Your DevOps Pipeline

    Richard Park

    DevOps provides IT enterprises with the ability to rapidly iterate on smart, fast software deployments. Relying on powerful version control and build tools like Github and Jenkins enables DevOps teams to save time and money by including development and operations in a single automated pipeline. However, in some DevOps environments, security is often neglected or avoided because of the perception that the security team will introduce inefficiencies and dramatically slow the pace of development. Bypass the unnecessary risks of this approach by integrating security directly into your DevOps pipeline. DevSecOps Provides Agile Security DevSecOps is established by placing security controls in every phase of your pipeline. Common best practices include: Training: Educate engineers to...

    Read More

    Securing AWS CloudFormation Stacks with Fugue

    Fugue Team

    Launched in 2011, AWS CloudFormation was a game changer because it was one of the first template-based, infrastructure-as-code (IaC) tools that provided the ability to express the full cloud infrastructure stack as configuration files. It wasn’t limited to the OS layer like traditional configuration management tools. However, organizations that operate on AWS under strict security rules and compliance regimes (i.e., HIPAA, PCI, NIST 800-53) need to make sure their infrastructure is created in accordance with the applicable security and regulatory policies—and stays aligned in the face of constant change. The Risk of Cloud Misconfigurations, Drift, and Policy Violations IaC tools like CloudFormation (CF) were not designed to address security and compliance comprehensively, and they...

    Read More

    Cloud Misconfiguration Bedevils Enterprises at an Alarming Rate

    Drew Wright

    Last week, Fugue released its Cloud Infrastructure Misconfiguration Report, which presents the results of our survey of more than 300 IT and security professionals from enterprise-level organizations. What surprised many of us at Fugue the most was the steep cost incurred by enterprises in their attempt to manage cloud misconfiguration, which is still largely a complex, manual process in an otherwise automated world of cloud. You can read more about that in The Cost of Cloud Misconfiguration Whack-a-Mole. Today let’s focus on the risk that cloud misconfiguration brings to the enterprise, and what our survey reveals about the severity of the problem. In short, it’s bad. An overwhelming majority (93%) say they are “somewhat concerned” or “highly concerned” that their organization is at...

    Read More

    Why You Should Care About Cloud Infrastructure Governance

    Drew Wright

    It’s never been easier or faster for companies using the cloud to deploy infrastructure on AWS. That’s the good news. The not-so-good news? You can’t move fast without compromising security, compliance, and control. Well, you can’t unless you automate your cloud infrastructure policies, including compliance and security . Hold that thought for a moment. Here are four common hurdles nearly every organization using the cloud encounters: Inconsistent enforcement of regulatory compliance policies (PCI, HIPAA, NIST 800-53) Uneven use of internal governance policies Uncontrolled shadow IT, ad hoc automation, and tooling sprawl Increased demand for cloud expertise Viewed from a higher level, companies using the cloud need to see all resources running across environments, accounts,...

    Read More

    No Matter How You Built Your Cloud…

    Racquel Yerbury

    No matter how you built your cloud—no matter what tools or services you’ve used to provision an application’s infrastructure—you can migrate existing workloads to Fugue easily and securely with no downtime. At AWS re:Invent this week, November 27 - December 1, test out Fugue’s automated infrastructure governance with our team at booth 1600 or explore Fugue’s new migration and enhanced compliance capabilities at www.fugue.co/migrate . By migrating to Fugue, enterprises, agencies, and DevSecOps teams in any organization centralize their control and visibility of systems running in the cloud, while accelerating secure deployments and updates. Human error—typical with scaled, enterprise infrastructure and costly in dollars and consumer trust—is drastically reduced since Fugue highlights...

    Read More

    Fugue Addresses Cloud's “Undifferentiated Heavy Lifting”

    Racquel Yerbury

    Twenty minutes or two weeks to spin up your new applications and new product features? Automated care and feeding of infrastructure that requires minimal human intervention or bespoke care and feeding that requires continual attention? The choice seems pretty obvious. Back in 2006, Jeff Bezos was building Amazon Web Services (AWS) to solve a core problem for businesses: undifferentiated heavy lifting. Getting great ideas and applications to market fast is key in holding a competitive edge. If you transform parts of the IT pipeline that require a lot of time, effort, and money—the same parts that every business has to contend with—into fast, easy-to-use, efficient parts, you win. Or, at least, you’re a few laps ahead. Bezos, with foresight to grow AWS into what’s now the largest cloud...

    Read More

    The Next Cloud Outage is Coming—What You Can Do To Survive

    Josh Stella

    This article was first published in DZone's Cloud Zone on April 3, 2017. The repercussions of recent cloud outages—AWS’s S3 crash and Azure’s Active Directory cascading failure—linger in IT departments and manifest in revenue loss. But, the bigger story is that the next outage is around the corner—unpredictable, coming to get us on a random Tuesday. Whether businesses are using cloud providers, on-premise data centers, or hybrid setups to host web services and backends, infrastructure failures are a fact of life and have to be on our radars as a matter of routine. This makes architecting for failure and for the future, from the start, among the most pressing imperatives for business IT departments. The next five years will see the rise and democratization of centralized control...

    Read More

    Continuous Delivery with Fugue and CircleCI

    Jonathan Sabo

    For Fugue, providing documentation is about more than just creating a high-level reference for information. Our documentation content ranges from examples of creating complex infrastructure with Fugue to walkthroughs of integration with a number of popular devops tools in use today, which is what we’re here to talk to you about. So… why did we build this particular example? In short, we picked an integration with CircleCI as one of our examples because it is a great way to automate the build, test, and deployment processes. It provides integration with some of the most popular source code management systems like Github and Bitbucket, and is used by leading edge companies including Facebook, Kickstarter, and Spotify. Continuous integration (CI) speeds up development and release...

    Read More

    The Next-Generation Cloud CMDB: Ludwig Code

    Dominic Zippilli

    In a recent report, Ovum described Fugue as "a CMDB for APIs." A configuration management database (CMDB) is a single source of truth for configuration of complex systems. This is a crucial aspect of Fugue, one where running your operations with Fugue offers a lot of value to you. Fugue's CMDB is an effect of our declarative model for configuration, built around our typesafe, compiled Ludwig language. The Fugue CMDB is not a proprietary store with a form-based interface; it is Ludwig code, managed in a VCS of your choice, like git or svn. That code is a declarative configuration of infrastructure (or other API) state. Once it is run as a process in Fugue, that declaration is made real and immutable with machine precision. In this way, a well-managed body of Ludwig compositions and a...

    Read More
    Fugue Developer

    Free Cloud Security for Engineers

    • Visualize your cloud infrastructure
    • Run policy checks and get feedback
    • Detect change and eliminate misconfiguration
    GET STARTED CONTACT SALES