AWS Advanced Technology Partner
With Fugue, organizations gain visibility into security and compliance posture, eliminate AWS misconfiguration with drift detection and context-aware guardrails, and enable security automation with CI/CD integration and pre-deployment policy compliance checks.
Visualize AWS compliance with powerful diagramming and reporting tools
Enable comprehensive drift detection and context-aware guardrails for critical resources
Build AWS security and compliance into the software development lifecycle with Fugue's API and IaC checks
Security and Compliance is a Shared Responsibility
Security and compliance in the cloud is a shared responsibility between the organization and AWS, the cloud service provider.
AWS is responsible for protecting the infrastructure that runs all of the services offered in the cloud which includes the hardware, software, networking, and facilities that run the cloud services. The organization is responsible for any data, applications, operating systems, and resource configurations that run on AWS's infrastructure.
Gain Visibility into
Visualize your AWS security posture with powerful diagramming tools to zoom into details on resource configurations and relationships and identify misconfigurations and compliance violations.
Fugue continuously evaluates AWS resources with hundreds of predefined rules mapped to the CIS AWS Foundations Benchmark, CIS Controls, CIS Docker, CSA CCM, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, SOC 2, and Fugue Best Practices. For example, if an Amazon S3 bucket is misconfigured to allow public access, Fugue identifies the noncompliant bucket in visual diagrams, dashboards, and reports that are accessible at any time.
Eliminate AWS Misconfiguration
Fugue builds a dynamic model of your AWS environment as a baseline and identifies configuration drift that occurs between deployments.
For critical resources, Fugue enables context-aware guardrails to auto-remediate unwanted drift back to a baseline without manual remediation or automation scripts. For instance, if an Amazon VPC is altered to allow SSH access from the internet, Fugue returns the security group rules to the known-good baseline state.
Integrate AWS Security into Software Development
Build AWS security and compliance into software development from design to production.
Fugue's API enables integrating snapshots, reporting, and auto-remediation into CI/CD pipelines, in addition to building workflows and exporting events and data into other third-party tools. Regula, an open-source tool maintained by Fugue, validates Terraform and CloudFormation for policy compliance pre-deployment.
Additional AWS Related Resources
Fugue for AWS
AWS IaaS and PaaS tools have created challenges for teams responsible for managing compliance and security risks.
Simulating Cloud Misconfiguration Attacks: S3 Exploits on AWS
Amazon S3 object storage service is easy to use, extremely reliable, and incredibly popular, but it’s also a service that’s easy to get wrong.