Continuous Compliance in CloudFormation Environments

Enforce compliance and security for cloud infrastructure provisioned by CloudFormation

icon Get a Demo

Many teams use infrastructure-as-code tools such as AWS’s CloudFormation to automate the deployment of cloud infrastructure. But once the infrastructure is deployed, there is no protection against misconfiguration or the drifting of infrastructure out of compliance with regulations or internal policy.

Fugue protects against drift of infrastructure:

  • Scans your cloud environment and generates infrastructure baseline
  • Reverts any misconfiguration back to the baseline
  • Pauses baseline enforcement in order for CloudFormation templates to update
  • Resumes baseline enforcement once updates are completed to ensure continual compliance

“Once an organization corrects compliance violations in CloudFormation templates and redeploys to production, Fugue continually enforces this baseline to ensure continual compliance.”

Accelerate the ATO Process

Federal agencies spend an extraordinary amount of time and effort authorizing cloud programs within the Risk Management Framework (RMF) process. For most federal agencies, obtaining an Authorization to Operate (ATO) can take up to 9-12 months or longer.

Even after agencies achieve ATO, security controls drift out of compliance almost immediately after they are manually checked. Continuous monitoring helps mitigate this but there are challenges with this process, especially in creating a single view of continuous compliance controls.

  • Reusable architecture

    Fugue Platform provides infrastructure and policy controls as standard reusable templates of pre-approved architectures, technology stacks, and control implementation descriptions.

  • Security automation

    Fugue Platform seamlessly integrates into an automated CI/CD pipeline for validating and deploying infrastructure. Agencies can design the pipeline to measure the effectiveness of controls so infrastructure that violates controls will not be deployed.

  • Continuous monitoring

    Fugue Platform enforces compliance by automatically correcting for configuration drift in cloud infrastructure. Any misconfiguration that will bring you out of compliance is reverted within minutes.

  • Automated reporting

    Fugue sends drift and remediation events to a centralized queue to automate reporting on continuous monitoring.

Get Started Today With Fugue

Identity security and compliance violation and ensure they are never repeated.

icon Schedule A Demo
icon Contact Us