Skip to content

    Latest Posts

    Performance in OPA Rego: Bottom-up and top-down

    Jasper Van der Jeugt

    In this blog post, we’ll talk a bit about how Rego evaluation works, and how it affects performance. Rego is a DSL for authoring policy. It is not restricted to a single kind of policy (e.g., RBAC) but instead is very general-purpose, making it possible to share policies across different services and stacks. We’ve found Rego to be ideal for cloud infrastructure security in Fugue, and infrastructure as code security in our open source project, Regula.

    Read More

    Announcing Regula: Validate Terraform Policy Compliance with Open Policy Agent

    Drew Wright

    Today we announced Regula, an open source tool for evaluating Terraform infrastructure as code for potential security misconfigurations and compliance violations. Regula uses the open source Open Policy Agent(OPA) policy framework and Rego query language, which have gained significant traction in the Kubernetes community and scale to cloud infrastructure policy assessments as well (Fugue’s SaaS product performs more than 100 million policy evaluations using OPA every day).

    Read More

    CCPA is Ambiguous About Cloud. Your Response Shouldn’t Be.

    Drew Wright

    On January 1, 2020, the California Consumer Privacy Act (CCPA), California’s answer to GDPR, goes into effect. Like GDPR, the CCPA is delivering anxiety and dread to executives, marketers, compliance officers, and engineers everywhere. As we learned from numerous conversations at the AWS re:Invent 2019 conference last week, engineers responsible for building and managing cloud-based systems and data are focused on CCPA and what it means.

    Read More

    Announcing Fregot: An Open Source Toolkit for Working with Rego and OPA

    Drew Wright

    Adopting the Rego policy language and the Open Policy Agent (OPA) engine for Fugue’s cloud security SaaS product has paid real dividends for us and our customers. It enables Fugue users to easily create custom policies for their cloud infrastructure environments using open source tools, and it’s helped us implement out-of-the-box policy as code support for complex compliance standards, including CIS Foundations Benchmarks, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, and SOC 2 (and our own Fugue Best Practices to identify advanced cloud misconfiguration risks).

    Read More

    Using Open Policy Agent (OPA) for Cloud Security and Compliance

    Drew Wright

    Just like the challenges of managing large cloud infrastructure operations led to the development of infrastructure as code, ensuring the security and compliance of those environments led to policy as code. Cloud infrastructure environments are simply too vast, complex and dynamic to address with traditional security approaches such as manual audits and checklists.

    Read More
    Fugue Developer

    Free Cloud Security for Engineers

    • Visualize your cloud infrastructure
    • Run policy checks and get feedback
    • Detect change and eliminate misconfiguration
    GET STARTED CONTACT SALES