Skip to content

Google Cloud Security and Compliance

Ensure Your Google Cloud Infrastructure Stays in Continuous Compliance

Google Cloud Technology Partner

With Fugue, organizations gain visibility into their security and compliance posture, assure continuous compliance, and enable security automation with CI/CD integration and pre-deployment policy compliance checks.


Gain Visibility

Visualize Google Cloud compliance with Fugue's powerful diagramming and reporting tools


Eliminate Misconfiguration

Enable comprehensive drift detection for critical resources


Integrate Security

Build Google Cloud security and compliance into the development lifecycle with Fugue's API and IaC checks

Security and Compliance are Shared Responsibilities

Security and compliance in the cloud are shared responsibilities between the organization and Google Cloud, the cloud service provider. 

Google Cloud is responsible for "Security of the Cloud" or protection of the infrastructure that runs all of the services offered in their cloud. The customer is responsible for "Security in the Cloud" or any data, applications, operating systems, and network or firewall configurations that run on the CSP's infrastructure

Share Responsibility Model v2

Shared Responsibility Model

Gain Visibility into Google Cloud Security

Visualize your Google Cloud security posture with powerful diagramming tools to zoom into details on resource configurations and relationships and identify misconfigurations and compliance violations.

Fugue continuously evaluates Google Cloud resources with predefined rules mapped to the CIS Google Cloud Platform Foundations Benchmark, CIS Controls, CSA CCM, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, and SOC 2. For example, if a developer enables ingress to port 22 (SSH) with a firewall rule and forgets to remove the rule later, Fugue highlights the misconfigured firewall rule and VPC in visual diagrams, dashboards, and reports that are accessible at all times.


Gain Visibility

Eliminate Google Cloud Misconfiguration

Fugue builds a dynamic model of your Google Cloud environment as a baseline and identifies configuration drift that occurs between deployments.

Fugue enables you to investigate potentially dangerous misconfigurations in near real-time. For instance, if a Cloud KMS cryptokey is altered to be publicly or anonymously accessible, Fugue shows this and allows you to quickly remediate.


Continuous Compliance

Integrate Google Cloud Security into Software Development

Build Google Cloud security and compliance into software development from design to production.

Fugue's API enables integrating snapshots and reporting into CI/CD pipelines, in addition to building workflows and exporting events and data into other third-party tools. Regula, an open-source tool maintained by Fugue, validates Terraform for policy compliance pre-deployment.

Screen Shot 2020-05-08 at 12.56.08 PM

Automate Pre-Deployment Security