Google Cloud Technology Partner
With Fugue, organizations gain visibility into their security and compliance posture, assure continuous compliance, and enable security automation with CI/CD integration and pre-deployment policy compliance checks.
Visualize Google Cloud compliance with Fugue's powerful diagramming and reporting tools
Enable comprehensive drift detection for critical resources
Build Google Cloud security and compliance into the development lifecycle with Fugue's API and IaC checks
Security and Compliance are Shared Responsibilities
Security and compliance in the cloud are shared responsibilities between the organization and Google Cloud, the cloud service provider.
Google Cloud is responsible for "Security of the Cloud" or protection of the infrastructure that runs all of the services offered in their cloud. The customer is responsible for "Security in the Cloud" or any data, applications, operating systems, and network or firewall configurations that run on the CSP's infrastructure
Gain Visibility into Google Cloud Security
Visualize your Google Cloud security posture with powerful diagramming tools to zoom into details on resource configurations and relationships and identify misconfigurations and compliance violations.
Fugue continuously evaluates Google Cloud resources with predefined rules mapped to the CIS Google Cloud Platform Foundations Benchmark, CIS Controls, CSA CCM, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, and SOC 2. For example, if a developer enables ingress to port 22 (SSH) with a firewall rule and forgets to remove the rule later, Fugue highlights the misconfigured firewall rule and VPC in visual diagrams, dashboards, and reports that are accessible at all times.
Eliminate Google Cloud Misconfiguration
Fugue builds a dynamic model of your Google Cloud environment as a baseline and identifies configuration drift that occurs between deployments.
Fugue enables you to investigate potentially dangerous misconfigurations in near real-time. For instance, if a Cloud KMS cryptokey is altered to be publicly or anonymously accessible, Fugue shows this and allows you to quickly remediate.
Integrate Google Cloud Security into Software Development
Build Google Cloud security and compliance into software development from design to production.
Fugue's API enables integrating snapshots and reporting into CI/CD pipelines, in addition to building workflows and exporting events and data into other third-party tools. Regula, an open-source tool maintained by Fugue, validates Terraform for policy compliance pre-deployment.