Many teams use infrastructure-as-code tools such as AWS’s CloudFormation to automate the deployment of cloud infrastructure. But once the infrastructure is deployed, there is no protection against misconfiguration or the drifting of infrastructure out of compliance with regulations or internal policy.
Fugue protects against drift of infrastructure:
“Once an organization corrects compliance violations in CloudFormation templates and redeploys to production, Fugue continually enforces this baseline to ensure continual compliance.”
Federal agencies spend an extraordinary amount of time and effort authorizing cloud programs within the Risk Management Framework (RMF) process. For most federal agencies, obtaining an Authorization to Operate (ATO) can take up to 9-12 months or longer.
Even after agencies achieve ATO, security controls drift out of compliance almost immediately after they are manually checked. Continuous monitoring helps mitigate this but there are challenges with this process, especially in creating a single view of continuous compliance controls.
Fugue Platform provides infrastructure and policy controls as standard reusable templates of pre-approved architectures, technology stacks, and control implementation descriptions.
Fugue Platform seamlessly integrates into an automated CI/CD pipeline for validating and deploying infrastructure. Agencies can design the pipeline to measure the effectiveness of controls so infrastructure that violates controls will not be deployed.
Fugue Platform enforces compliance by automatically correcting for configuration drift in cloud infrastructure. Any misconfiguration that will bring you out of compliance is reverted within minutes.
Fugue sends drift and remediation events to a centralized queue to automate reporting on continuous monitoring.