Press Coverage

  • AIthority

    Fugue Announces Team Plan to Help Engineering Teams Collaborate on Cloud Security and Compliance

    Fugue Team provides role based access control for building, accessing, and modifying cloud infrastructure environments, and the Fugue API for integrating cloud security into automated CI/CD pipelines to prevent cloud misconfiguration and policy violations. Fugue Team supports custom rules using Open Policy Agent, Fugue Best Practices to protect against advanced cloud misconfiguration exploits, and compliance families such as CIS Foundations Benchmark for AWS and Azure, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI-DSS, and SOC 2.

  • Help Net Security

    Fugue’s engineer empowerment and education as growth strategy in 2020

    "In the past year, the company introduced several innovations to its award-winning cloud security product, gained significant new customers, and contributed two new open source projects for cloud infrastructure policy as code tooling. Engineer empowerment and education will continue to serve as the pillars of the company’s product roadmap and growth strategy in 2020."

  • Container Journal

    Empowering Engineers to Secure Their Cloud Infrastructure Drives Fugue’s Momentum into 202

    In 2019, Fugue attracted a significant number of industry-leading new customers to it’s unified SaaS solution, including AT&T, SAP NS2, Manitoba Blue Cross, A+E Networks, TravelBank, RedVentures, SparkPost, GlobalGiving, A|L Media, TurningTechnologies, EMSI, GoGuardian, New Light Technologies, PublicRelay, and a large financial services institution.

  • Jax Center

    Fugue open sources Regula, a security and compliance tool for Terraform

    Working with Terraform infrastructure-as-code can sometimes be a bit of a headache when it comes to tracking security misconfigurations and compliance violations, but now Fugue has open sourced their Regula tool to assist engineers with maintaining vigilance. Let’s take a closer look.

  • DevOps Digest

    Fugue Open Sources Regula for Evaluating Terraform for Policy Compliance

    “Developers design, build, and modify their own cloud infrastructure environments, and they increasingly own the security and compliance of that infrastructure. Fugue builds solutions that empower engineers operating in secure and regulated cloud environments, and Regula quickly and easily checks that their Terraform scripts don’t violate policy—before they deploy infrastructure.”

  • Enterprisers Project

    Security 2020: 4 trends to watch

    “Developers [will take more} ownership over the security of their cloud infrastructure with software engineering tools such as policy-as-code validation and automated remediation of critical misconfiguration vulnerabilities. Enterprises that invest in empowering their developers with the tools they need to keep their cloud environments secure have a fighting chance against advanced cloud-native attacks.” Josh Stella, co-founder & CTO of Fugue.

  • CSO Online

    Review: How Fugue protects cloud assets

    "Fugue fills a critical need, keeping the cloud infrastructure secure and compliant in today’s world of ever evolving and expanding clouds. And the bigger the enterprise, the more the kind of infrastructure-level protection offered by Fugue will be needed. Thankfully, its powerful protection is as easily accessible as it is necessary these days."

  • The Cloud Awards

    Fugue Shortlisted for Security Innovation of the Year

    The Cloud Awards has included Fugue on it's shortlist for Security Innovation of the Year, recognizing Fugue's SaaS product for visualizing cloud infrastructure environments, identifying misconfiguration risks and policy violations, and proving compliance.

  • Intellyx

    Fugue Update: Compliance and security validation for cloud resources

    “There’s great value in having a current state visualization of what’s in your cloud environment,” said Drew Wright, Fugue’s VP of communications. “The first time a team runs Fugue, they see the relationships between resources, but they usually also find some interesting things going on they weren’t aware of: Untagged resources, orphaned VPCs and security groups, and unpatched servers and applications.”

  • DevOps Digest

    Fugue Developer Released as Free Tier

    Fugue announced Fugue Developer, a free tier that puts engineers in command of cloud security through the entire software development lifecycle (SDLC).

  • DevOps Digest

    Fugue Open Sources Fregot (the Fugue Rego Toolkit)

    Fregot enables developers to easily evaluate Rego expressions, debug code, and test policies. Rego is part of the Open Policy Agent (OPA) policy engine, which Fugue adopted this year as its policy as code implementation for cloud security and compliance.

  • Media Post

    Fugue Supports Open-Source Policy Engine For Cloud Security and Compliance

    The arrangement enables Fugue customers to “use the same open language for defining their cloud infrastructure policies in Fugue that they are using for other enterprise policy needs. This eliminates the need to learn other vendors’ proprietary, inflexible policy languages.”

  • SD Times

    Fugue Now Supports Open Policy Agent

    Fugue is driving the adoption of OPA to address use cases such as for securing cloud environments on Amazon Web Services (AWS) and Microsoft Azure. Fugue also added support to its product for customer-defined rules written using OPA and Rego.

  • Cloud Security Alliance Podcast

    What Executives Should Know About Cloud Security Breaches and Prevention

    Security incidents involving cloud infrastructure misconfiguration have become a significant threat since many organizations began shifting their assets to the cloud. Fugue CEO Phillip Merrick talks with John DiMaria from the Cloud Security Alliance on what executives need to know to ensure cloud security.

  • Security Boulevard

    Debunking the 5 Biggest Cloud Security Myths

    Enterprise cloud adoption is in full swing, and cloud security and compliance have become top priorities. Security in the cloud requires different approaches than in the data center—and also requires a different mindset. However, this transformation fosters some dangerous assumptions that can lead to complacency and a false sense of security.

  • Killer Innovations

    Fugue CEO Phillip Merrick On Being The Innovation First Mover

    Fugue CEO Phillip Merrick joins Phil McKinney on his nationally syndicated radio show and podcast, Killer Innovations, where he discussed his experiences cofounding webMethods, pioneered the use of web services, and now leading Fugue. Phillip the importance of not just the idea, but how you bring it to market, how you package it up for service, and how you build the team from recruiting to culture.


    Cloud Security: Self-Healing Infrastructure With Fugue

    Alan Shimel from interviews Josh Stella on cloud security, the challenges of cloud misconfiguration, and Fugue. Fugue helps to eliminate data breaches, as it fixes anything that gets drifted by providing baseline drift detection and automated remediation.

  • Dark Reading

    What Are the First Signs of a Cloud Data Leak?

    Fugue CTO Josh Stella spoke with Dark Reading about the challenges in detecting a cloud misconfiguration-related data breach. "Be on the lookout for unusual List and Read operations in your API call logs — particularly for data that isn't usually directly listed or read during normal production operations. The key to stopping cloud-based data breaches is to prevent cloud misconfiguration in the first place."

  • CyberDefense Magazine

    Why “Cloud Security 101” Isn’t So Simple After All

    Josh Stella, co-founder, and CTO of Fugue, writes about cloud misconfiguration and why it's become very difficult for enterprise security teams to find them before the bad guys do. In order to secure cloud environments, we need to think and act differently than we did in the datacenter.

  • Media Post

    Fugue And New Light Technologies Partner On Cloud Services

    Fugue and New Light Technologies Inc. (NTL) have formed a strategic partnership to extend Fugue’s cloud security and compliance services to NTL’s Amazon Web Services (AWS) and Microsoft Azure clients.

  • TechTarget

    DoD's JEDI cloud contract favors AWS, with Microsoft on deck

    The importance of being cloud-agnostic influences the tools businesses such as New Light Technologies choose to work with; New Light recently chose compliance-as-code software maker Fugue over native tools such as AWS CloudFormation templates for that reason.

  • TechTarget

    Compliance-as-code tool hits DevSecOps sweet spot for MSP

    "Because everything we do is code, we're able to roll it out in hours or minutes, as opposed to days, in some very complex ESRI environments, without having to write all kinds of CloudWatch alarms or custom Lambda functions. Fugue acts as a massive safety net since I can immediately know if something changes, and it can self-enforce the [desired] configuration." - Dave Williams, New Light Technologies

  • Cloud Security Alliance

    “Shift Left” to Harden Your Cloud Security Posture

    Automating the shift left of cloud infrastructure compliance and security into the design and develop phases will eliminate those delays and frustrations, make better and more secure systems, and turn those functions into highway builders rather than toll booth operators. - Josh Stella, co-founder and CTO, Fugue

  • Media Post

    Fugue Offers Cloud Security Product For Microsoft Azure

    Fugue for Microsoft Azure and AWS (Amazon Web Services) is designed to help enterprise firms that use several cloud providers maintain “the security and compliance posture of their infrastructure environments across clouds” states Phillip Merrick, CEO of Fugue.

  • DZone

    Most Common Security Fails (Part 3)

    "Continuing to rely on human processes for security and compliance in the cloud make a major security incident a near certainty." - Josh Stella, co-founder and CTO, Fugue

  • DZone

    Changes in Cybersecurity (Part 1)

    "Focus your resources on establishing known-good cloud configuration baselines, shifting security left by automating policy checks earlier in the SDLC, and using self-healing infrastructure tied directly to your established baseline to eliminate configuration drift for critical resources."

  • Security Boulevard

    Chaos Is Inevitable. Resilient Cloud Security Is the Answer

    Netflix made chaos engineering famous. In a nutshell, you automate harmful changes to the environment and test to see if your automations hold up. Tools such as Chaos Monkey focus on operational resilience, and we can do the same for security.

  • Programmable Web

    Fugue Merges Fugue Platform and Fugue Risk Manager into Single SaaS Product

    Fugue, a cloud infrastructure security and compliance provider, has announced that it has combined its Fugue Platform and Fugue Risk Manager into a single SaaS solution. The single solution, which combines cloud security, compliance, and software development life cycle under a single umbrella includes the new Fugue API. Through the API, developers can integrate security and policy checks within their infrastructure.

  • Help Net Security

    Embrace chaos to improve cloud infrastructure security resilience

    Modern cloud threats use automation to find and exploit these misconfiguration vulnerabilities before traditional scan and alert tools can identify them. In order to become more proactive and prevent these threats from doing any damage, an organization needs to simulate real-world misconfigurations to identify security gaps before they are exploited.

  • Compliance Week

    Fugue adds SOC 2, ISO 27001 to its SaaS solution

    Fugue, a provider of autonomous cloud infrastructure security and compliance, announced the addition of SOC 2 and ISO 27001 to its SaaS (software as a service) solution’s list of out-of-the-box compliance standards.

  • DZone

    DZone Research: The Most Important Security Elements

    Cloud-related data breaches are almost always the result of misconfiguration of cloud resources, and that’s always the fault of the cloud customer. Focus on establishing known-good cloud configuration baselines that adhere to internal and compliance policies, and automation to revert configuration drift for critical resources back to your baseline to protect data and ensure continuous compliance.

  • Media Post

    Cloud Security Briefing with Fugue CEO Phillip Merrick

    Hardly a week goes by without news of another major data breach. Marketers can be forgiven if their eyes glaze over — they have other things on their minds. But they should be concerned. A breach can destroy a firm’s reputation and its marketing program.To learn more about security—and why email marketers should worry about it — MediaPost interviewed Phillip Merrick, CEO of Fugue.

  • ComplianceWeek

    Fugue enhances its cloud compliance product

    Fugue announces new enhancements to enable continuous compliance scanning and reporting across an organization’s entire cloud footprint for standards such as PCI, GDPR, HIPAA, NIST 800-53, SOC 2, ISO 27001, and CIS AWS Foundations Benchmark.

  • DevOps Digest

    Fugue Adds PCI Cloud Monitoring and Reporting

    Fugue announced support for Payment Card Industry (PCI) compliance for enterprise cloud environments. The addition of PCI to Fugue's suite of out-of-the-box compliance standards enables enterprises to demonstrate continuous compliance across their entire cloud computing footprint.

  • Media Post

    Fugue Extends Its Cloud Compliance Service To Payment Field

    Fugue announces a service to help firms comply with Payment Card Industry (PCI) requirements. In addition to PCI, the company supports cloud compliance with HIPAA, GDPR, NIST 800-53, AWS CIS and Benchmark. Fugue provides inventory and compliance monitoring of enterprise cloud environments.

  • Baltimore

    Fugue evolves its cloud security offering with SaaS product

    A look at Fugue's SaaS product designed to automate the processes that ensure that policies are always being followed in order to prevent breaches: The company establishes a baseline. Then, Fugue can detect if there is “drift” from that baseline, and adds automation to the process of bringing things back in compliance.

  • T-Suite Podcast

    Security, Heal Thyself — Talking with Fugue's Josh Stella

    Fugue co-founder and CTO Josh Stella sits down with Bill Raymond to discuss about the past, present, and future of IT security, self-healing technology, and how enterprises can make their cloud environments more secure.

  • CRN

    CRN Names Fugue one of the 10 Hottest DevOps Technology Startups Of 2018

    CRN offers up their list of the ten hottest DevOps technology startups of 2018. Fugue is recognized for its policy-as-code approach to prevent infrastructure that violates policy from being deployed, and automatically remediating unauthorized change back to a known-good baseline.


    Cloud security firm Fugue gets backing from IC investor In-Q-Tel

    Cloud security outfit Fugue has received an investment from the intelligence community’s venture capital arm In-Q-Tel in order to further bring cloud security automation tools into the national security community.


    The State of Cloud Security

    Fugue co-founder and CTO Josh Stella writes in DevOps Digest on the state of cloud security. IT Operations and Security professionals are caught between a rock and a hard place with cloud misconfiguration. They can limit their organization's cloud agility by clamping down hard on which configurations are allowed, or they can live with a great deal of exposure, uncertainty and operational costs.


    Fugue Compliance Suite Released for Cloud Infrastructure

    Fugue announced the availability of the Fugue Compliance Suite to make it easier for enterprises to validate cloud infrastructure against security and compliance policy to prevent data breaches. The Compliance Suite contains pre-built validations expressed in policy-as-code libraries that are mapped to AWS CIS Benchmarks, NIST 800-53 Rev. 4, GDPR, and HIPAA.


    Solving the cloud infrastructure misconfiguration problem

    Security incidents involving cloud infrastructure misconfiguration have become a significant threat since many organizations began shifting their assets to the cloud. Fugue CEO Phillip Merrick talks with Zeljka Zorz from Help Net Security about the problem and what enterprises can do to solve it.


    Cloud misconfiguration: The security threat too often overlooked

    A survey of 300 IT professionals by cloud infrastructure security provider Fugue reveals that most enterprises are vulnerable to security events caused by cloud misconfiguration, including data breaches and system downtime events.


    The One Cloud Security Metric Every CISO Should Know

    The biggest risk in the cloud comes from infrastructure misconfigurations, largely due to human error. But they're entirely preventable. Fugue CTO Josh Stella writes about cloud misconfiguration risk, how to measure it, and what enterprises can do to eliminate it.


    Industrial Cloud Computing is Here

    Josh Stella (CEO of Fugue) talks with Inside Analysis host Eric Kavanagh about cloud computing and where it’s headed. Topics include #DevSecOps and the need to automate cloud security and compliance.


    The Cloudcast #338—Governance and DevSecOps

    Brian talks with Josh Stella (CEO of Fugue) about what DevSecOps means, how companies manage the tension between developer agility and operations stability, how to codify governance via code, and early steps to success in DevOps culture.


    Unisys, Fugue usher government entities into second phase of cloud adoption

    With the market now in the “second phase of cloud,” Fugue and Unisys work together to move customers out of the shadow information technology era and into full strategic adoption. “To do that you need automation, you need repeatability, you need consistency, you need policy enforcement.”


    11 Tips to Prevent Customer Data Breaches

    Experts weigh in on cloud security, with Fugue CEO Josh Stella giving thoughts on infrastructure governance, automation, policy-as-code, and DevSecOps collaboration.

  • INC.

    Here's the Real Dish on the Public Cloud

    Inc.'s Molly St. Louis sat down with Fugue CEO Josh Stella to discuss the dynamics of the public cloud and how best to tap its power—while maintaining best practices, staying compliant, and focusing on your company's core business value.


    Infrastructure governance keeps systems in compliance

    Compliance is not just for apps and data. Infrastructure, whether on premises or in the cloud, must also adhere to corporate policies. Unfortunately, after resources are spun up for development or production, they often are not checked or audited frequently enough—or at all—to ensure they continue operating in compliance with the rules. Washington, D.C.-based nonprofit Global Giving turned to Fugue to address infrastructure governance, automation, and policy compliance needs.


    Why The Uber Hack May Have Been A Ticking Time Bomb

    Even in these days of rapid innovation and heightened security awareness, there’s little that can stop human mistakes from leading to disastrous consequences for businesses. This is especially true when we rely on manual processes and practices in developing complex applications. Fortunately this is also a time of smart, scalable automation, and we now have the tools we need to stop these disasters in their tracks.


    Fugue: Preventing Out-of-Compliance Cloud Deployments

    Fugue prevents configuration drift or the introduction of out-of-compliance resources across the entire cloud deployment, ensuring an accurate reference architecture as well as the ability to audit every aspect of the deployment.


    Interview: Josh Stella, Fugue, Peter O'Donoghue, Unisys Federal | AWS re:Invent

    At AWS re:Invent, the CUBE's John Furrier discussed cloud security, compliance, and governance with Fugue CEO Josh Stella and Unisys Federal VP of Application Services, Peter O'Donoghue. Josh and Peter offer solution and market insights, including how partnerships like this one can protect enterprises and government from misconfigurations and human error.


    Fugue automates all the (AWS) things

    The reality is that modern enterprises are more complex than ever before – they use a myriad of different infrastructure patterns and managing all of that is hard. I’ve also been a critic of current management and monitoring offerings as they tend to (in my view) only deliver half of the equation: they expose the issues but don’t automate the actions. Or they automate actions, but not with a tie-in to monitoring intelligence. This is where Fugue comes in – created by some folks with deep AWS experience, Fugue is all about policy-driven automation.


    3 Ways to Simplify Your Legacy IT Infrastructure

    In an age of cloud-based infrastructure and software services, the vestigial reliance on legacy systems makes little sense either from an efficiency standpoint or a financial perspective. Here are three ways IT professionals can update their technology for a more simplified and unified infrastructure with more uptime and lower costs.


    Fugue Adds New Governance Capabilities

    Fugue's latest release is purpose-built to help organizations go faster in the cloud and reduce risks and vulnerabilities associated with reliance on reactive legacy ops practices. Architected with a proactive approach, Fugue continuously assures policy compliance throughout the entire infrastructure lifecycle.


    C-Suite Check-in: Six Strategic Truths about Cloud

    Cloud is one of the most pervasive disruptors—discussed everywhere—yet still one of the least well understood. For most companies, its use is inevitable. Being on the strategic edge, with a view of what’s really happening and armed with knowledge that compels you to act, is probably the best place for the C-Suite to be.


    Fugue Helps Regulated Industries by Taking on Hardest Parts of the Cloud

    Building a cloud infrastructure that works is hard enough, but for government agencies or financial institutions, strict rules and regulations make for a particularly complicated governance challenge. Fugue CEO, Josh Stella, visited with John Walls and Stu Miniman, co-hosts of theCUBE, during this week’s AWS Summit in New York City to discuss how Fugue helps enterprises meet C-suite expectations.


    The 2017 SD Times 100: ‘Best in Show’ in Software Development

    Fugue has been named one of the top 10 IT Ops companies in the 2017 SD Times 100. The walls separating segments of what has become the modern software development life cycle have come a-tumblin' down. So development managers need to know more about infrastructure than ever before, and these are the companies leading the way.


    IT Pros Say: Cloud Needs a Makeover

    In significant numbers across the board, survey respondents cited cloud complexity, compliance and security, cost control, speed of delivery, and domain expertise as the cloud problems their organizations were working to overcome this year.


    Top cloud challenges: Security, compliance, and cost control

    A new Fugue survey, fielded to over 300 IT operations professionals, executives, and developers, found that most respondents believe that the cloud is not living up to expectations because of compliance and security concerns, unexpected downstream costs, and the glut of cloud management tools available in the market.


    Fugue targets government agencies for nitty-gritty cloud management

    Rules are important in the computing world, but they are everything for a government agency. That’s why Fugue Inc. has built a new kind of cloud-native automated operating system designed to mitigate risk and streamline system governance.


    AWS GovCloud adds several new services

    Fugue, a provider of automated cloud infrastructure management solutions, announced June 8 that its service is available in AWS GovCloud.


    Fugue Team Conductor Launched

    With the launch of the Fugue Team Conductor, the company delivers centralized control, advanced governance, and secure collaboration for operating on the cloud at scale.


    Guest View: Five tips for moving fast and well in the cloud

    Here’s the not-so-surprising moral of this story: The key to cloud productivity lies in automating — not only an application’s build, but its provisioning, operations, monitoring processes, in fact, the application’s entire software development life cycle.


    Fugue Named a ‘Cool Vendor’ by Gartner

    Fugue, a leading provider of automated cloud infrastructure management solutions, announced today its inclusion on the "Cool Vendors" list in the 2017 Cloud Computing report published by Gartner, Inc.


    How Do You Control a Cloud?

    The enterprise cloud ecosystem is complex – use these top 5 best practices to holistically optimize your cloud operations, security and compliance.


    Maryland Startup Fugue Scoops $41M in New Funding Round

    Frederick, Md.-based cloud data infrastructure startup Fugue has picked up about $41 million in a new funding round. The Series D round was led by Washington, D.C.-based New Enterprise Associatesand included investment from the Maryland Venture Fund, a previous investor, the Future Fund, the sovereign wealth fund of Australia.


    Cool tech at AWS re:Invent

    With the free version of Fugue, you can provision multiple cloud environments and enforce infrastructure configurations across AWS regions in a single account.


    Getting Cloud Out Of A Fugue State

    The polyphonic weavings of a fugue in baroque music is a beautiful thing and an apt metaphor for how we want orchestration on cloud infrastructure to behave in a harmonic fashion. Unfortunately, most cloudy infrastructure is in more of a fugue state, complete with multiple personalities and amnesia.


    Fugue Cloud Management Tool Launched for AWS

    Fugue (pronounced few-g) has launched what it calls the “first cloud-native technology that manages the full lifecycle of cloud infrastructure to enterprise IT standards.”


    Start-Up Launches Cloud Management Tool for AWS

    In a new report, research firm Gartner Inc. noted that the depth and complexity of Amazon Web Services Inc. (AWS) offerings — and the pace of new service introductions — lend themselves to professional assistance for optimized use by enterprises.


    Fugue Solves Pain Point of Running AWS at Scale

    A former Amazon Web Services (AWS) engineer co-founded a company — Fugue — which today announced its cloud infrastructure automation product, also named Fugue. The software is designed to help AWS customers simplify their use of the cloud.


    Fugue Aims to Automate Serverless Computing

    Looking to accelerate the arrival of a new age of “serverless computing” in the cloud, Fugue today unveiled a management framework designed from the ground up to unify the management of widely distributed IT infrastructure resources.


    Fugue Raises $20M Series C Round For Its Cloud Operating System

    Fugue (the company previously known as Luminal), today announced that it has raised $20 million in a Series C funding round led by New Enterprise Associates (NEA). The Frederick, MD- and Washington, DC-based company’s previous investors, including Core Capital, are also part of this round.


    This N.Y. Design Firm Is Branching Out From the Music Biz

    After spending almost two decades creating album covers for artists like the Rolling Stones and Talking Heads, Stefan Sagmeister wanted to branch out. Enter Jessica Walsh. Initially joining as a designer in 2011, two years later, at the age of 27, she was made partner. The duo announced the news with a nude photo together—something Sagmeister is famous for. Now, the New York-based firm boasts a diverse range of clients, from Levi's to the Guggenheim Museum to Columbia University.

  • Northern Virginia Technology Council

    Fugue named a 2018 NVTC Tech 100 company

    The Northern Virginia Technology Council has named Fugue a 2018 NVTC Tech 100 company. The NVTC Tech 100 are the companies and individuals who are driving tech innovation, implementing new solutions for their customers, and leading growth in the Greater Washington region.

  • Help Net Security

    Fugue releases Risk Manager to ID cloud compliance violations

    Fugue announces Risk Manager, a SaaS solution that inspects cloud infrastructure environments and identifies resource configuration issues for common compliance regimes. Fugue Risk Manager can identify configuration drift and revert it back to established known-good baselines as soon as it occurs.

  • DevOps Digest

    Fugue Risk Manager Released

    Fugue announced the release of Fugue Risk Manager, a new Software-as-a-Service (SaaS) solution designed to make it easier for enterprises to identify compliance issues in their cloud environments and prevent them from reoccurring.

Secure Your Cloud

Find security and compliance violations in your cloud infrastructure and ensure they never happen again.