Fugue, the company automating security and compliance enforcement in the cloud, today announced the availability of the Fugue Compliance Suite to make it easier for enterprises to validate cloud infrastructure against security and compliance policy to prevent data breaches. Included in the Fugue 1.8 product release, the Compliance Suite contains pre-built validations expressed in policy-as-code libraries that are mapped to AWS CIS Benchmarks, NIST 800-53 Rev. 4, GDPR, and HIPAA.
“As enterprise cloud adoption increases, so have data breaches and other security and compliance incidents due to cloud misconfiguration exposure,” said Phillip Merrick, CEO of Fugue. “Because of this, cloud security and compliance are now top enterprise priorities, but it’s important that solutions don’t slow the pace of innovation. The Fugue Compliance Suite is designed to help cloud teams move fast and at scale to ensure that compliance policy is continuously enforced at every stage.”
Cloud infrastructure and security teams can use the Fugue Compliance Suite to automatically identify compliance violations. This allows teams to easily establish known-good infrastructure baselines that can be replicated, shared, scaled, and continuously enforced. Automated policy checks can be integrated into CI/CD pipelines to support DevOps speed and agility while preventing resources that violate compliance standards from being provisioned. For running infrastructure, Fugue automatically identifies unauthorized changes and reverts them back to a known-good baseline. This eliminates critical vulnerabilities the moment they occur.
The Fugue Compliance Suite includes pre-built, policy-as-code libraries for the following compliance regimes:
- NIST 800-53 Rev. 4 (National Institute of Standards and Technology). A catalog of security controls developed by NIST that are used to protect federal government information systems.
- AWS CIS Benchmarks (Center for Internet Security). Consensus-based industry best practices to help organizations assess and improve their security.
- HIPAA (Health Insurance Portability and Accountability Act). Law requiring all HIPAA-covered businesses to prevent unauthorized access to Protected Health Information (PHI).
- GDPR (General Data Protection Regulation). Controls to enforce the European Union regulation for protecting the personal data and privacy of individuals within the EU and European Economic Area (EEA).
To learn more about how you can leverage the Compliance Suite to help secure your cloud infrastructure, please visit https://fugue.co/solutions/security-and-compliance/
To schedule an evaluation, email Fugue’s Solutions Architect team at firstname.lastname@example.org.
Fugue finds security risks and compliance violations in your cloud infrastructure and ensures they are never repeated. Fugue knows what is supposed to be running in your cloud environments, and, if any unauthorized changes are made, Fugue returns resources to a known-good state. The company has eight patents granted and 16 pending. Based in Maryland, Fugue’s investors include New Enterprise Associates, Future Fund, [Maryland Venture Fund]9http://www.marylandventurefund.com/), and Core Capital Partners. Fugue is an AWS Advanced Technology Partner and a Launch Partner in the AWS Cloud Management Tools Competency Program in the Governance category. Gartner named Fugue a Cool Vendor in Cloud Computing 2017. To learn more about Fugue, visit www.fugue.co.
Gabrielle Jasinski for Fugue