Skip to content

Unified Ruleset

The Regula Policy Engine is the only open-source policy engine in the industry that supports the use of a common ruleset across the entire cloud development lifecycle (CDLC).

  • No need to wrestle with conflicting policies managed by multiple tools; with Fugue, write a rule once and use it at every stage of the CDLC
  • Apply hundreds of built-in policies mapped to CIS Foundations Benchmarks, SOC 2, PCI, and more, or define custom enterprise policies
  • Gain awareness of any changes in your cloud by checking resources at design-time and at runtime because drift happens
A simple custom rule that checks whether an Amazon S3 bucket allows any AWS user to access it

Custom Policies

Implement enterprise policy checks for IaC and runtime resources with rules that fit your organization's specific requirements, such as confirming whether required resource tags are present or checking for multi-AZ database deployments.

  • Write policy as code using Rego, the policy language from Open Policy Agent, rather than learning a proprietary language and use the same policies at design-time and runtime
  • Unlike other platforms that only support rules that check single resources in isolation, the Regula Policy Engine supports sophisticated rules that check multiple resource types at a time and can even determine if required resources are missing
  • Review custom policy reports and distribute them to your team and management, and see a visual map of resources that violated enterprise policies
Visualization of a non-compliant resource violating a custom rule

Open Source Policy Engine

The open source Regula Policy Engine is built on the cloud-native Open Policy Agent (OPA) framework.

  • Because policies are written in Rego, you can use open source tools such as Regula, Fregot, and Conftest to write, test, and debug custom policies
  • Powered by the Regula Policy Engine, Fugue can check IaC during development and deployment and continuously monitor cloud resources post-deployment
  • Get fast feedback on the security of your IaC with Regula's pre-commit hook, or integrate Regula into your CI/CD pipeline for automated testing
Regula pre-commit hook results

Get Started with Fugue Today

Prevent cloud misconfiguration and ensure continuous compliance with enterprise security policies.