Skip to content

Upcoming Events

Cloud Security Masterclass

Securing Terraform IaC with the Regula Policy Engine

In this Cloud Security Masterclass, Fugue’s Josh Stella (CTO) and Curtis Myzie (VP Engineering) will dig into using Regula, an open source policy engine for checking infrastructure as code. For this session they’ll focus on checking Terraform in development (HCL checks) and in CI/CD (Terraform plan checks). You’ll learn how to: Get started with Regula and pre-built policies (including CIS Foundations Benchmarks policies) Integrate Regula IaC checks into your git workflows and CI/CD pipelines Write custom policies using the open source Rego language This session is ideal for engineering and security teams using AWS, Microsoft Azure, or Google Cloud environments (or all 3!). While this session will focus on Terraform, if you use AWS CloudFormation you’ll still learn how Regula can work for your use case.

Fugue Lunch & Learn

IaC Security with Regula's Pre-Built Policies

In this session, Fugue’s Ricardo Green (Principal Solutions Engineer) and Curtis Myzie (VP Engineering) will walk through how to ensure the security of your Terraform templates using some of the hundreds of pre-built Regula rules. You’ll walk away from this session with an clear picture of: Regula’s pre-built policies, including those mapped to the CIS Foundations Benchmarks Running security checks on Terraform (HCL) in development Integrating Regula’s checks on Terraform plan files in CI/CD pipelines You can also use your same Regula policies to check your running cloud environment using Fugue. This session will be specific for Terraform and AWS, but is applicable for any engineering and security teams using AWS, Microsoft Azure, or Google Cloud environments (or all 3!) — or using AWS CloudFormation.

MEETUP

Speaking Session: CSA Delaware Valley

Josh Stella, Co-Founder and CTO of Fugue is going to simulate two real-world cloud misconfiguration attacks to demonstrate in real-time how these methods work in evading datacenter security approaches and take advantage of common cloud misconfigurations that compliance standards miss. You’ll learn how these hacks go down, and how to spot previously-missed vulnerabilities and determine the blast radius of your cloud security gaps. 

About this Cloud Security Masterclass

  • A one-hour live video session with open chat throughout, and extra time for Q&A following the main session
  • Hands-on demonstrations of real-time cloud exploits using tools such as the AWS Console and Command Line

  • A fun, interactive learning session (no boring powerpoint webinars here!)

Fugue Lunch & Learn

IaC Security with Custom Rules

In this session, Fugue’s Ricardo Green (Principal Solutions Engineer) and Curtis Myzie (VP Engineering) will walk through how to ensure the security of your Terraform templates using some of the hundreds of pre-built Regula rules. You’ll walk away from this session with an clear picture of: How to create custom-built policies using Regula You can also use your same Regula policies to check your running cloud environment using Fugue. This session will be specific for Terraform and AWS, but is applicable for any engineering and security teams using AWS, Microsoft Azure, or Google Cloud environments (or all 3!) — or using AWS CloudFormation.

Executive Briefing

Navigating the Modern Cloud Threat Landscape

In this session, Alan Shimel (Security Boulevard and DevOps.com) brings together Josh Stella (CTO, Fugue) and Matt Howard (EVP, Sonatype) to cut through the complexities of the cloud to help today’s IT and security leaders understand the nature of cloud risks, prioritize their efforts, and operate securely in the cloud — without sacrificing speed and agility. Specifically, attendees will learn: Why cloud is different and how organizations routinely get cloud security wrong How hackers operate in the cloud to understand how to identify your vulnerabilities Why cloud security must cover the entire software development lifecycle (SDLC) How to map your cloud risks, including infrastructure, software supply chain, ransomware, and more How to align management, cloud+DevOps engineers, and security teams to achieve your goals This session is ideal for IT and security professionals, including CISOs, CIOs, VPs of security and cloud, and cloud engineering and DevOps management.

Conference

DevOps Days Boston-Blowing up Serverless Security and How to Avoid it

Josh Stella, Fugue Co-Founder and CEO will dig into the role IAM plays in serverless security, how IAM misconfigurations put data at risk, and why these mistakes are so easy to make and common in enterprise cloud environments.

Get Started with Fugue Today

Prevent misconfiguration and ensure continuous compliance with enterprise security policies.
REQUEST LIVE DEMO CONTACT SALES