A Developer-First Approach Collapsed the Time and Investment Needed to Deliver Secure Cloud Infrastructure at a Large Telecommunications Company
FREDERICK, MD. and POINTE-CLAIRE, Quebec — Nov. 11, 2021 — CWS, an IT services company helping large, heavily regulated enterprises migrate to the cloud, has partnered with Fugue, a cloud security SaaS company, to deliver developer-first cloud security for time-sensitive and mission-critical cloud deployments. Using the same policies for infrastructure as code checks and the cloud runtime environment, Fugue’s SaaS platform secures cloud infrastructure at every stage of the software development life cycle. Together, CWS and Fugue are focused on the rapid delivery of secure cloud infrastructure, starting with a large telecommunications company and resulting in a 90% faster deployment using 50% fewer engineering resources.
“Time and again we see critical cloud initiatives get bogged down in time-consuming enterprise security processes that kill development velocity,” said Rajat Sharma, founder of CWS. “After evaluating a number of tools, Fugue was the only one that addressed cloud security end-to-end using the same set of policies, reducing delivery times for security-critical cloud infrastructure from months to days and requiring only a fraction of the engineering investment previously needed.”
“Security is the rate-limiting factor for how fast enterprises can go in the cloud, and key to changing this is developer-centric security based on policy as code and automated enforcement,” said Josh Stella, co-founder and CEO of Fugue. “CWS has a track record of helping engineering teams innovate fast in challenging regulatory environments, and we’re thrilled they’ve chosen Fugue as their platform for operationalizing cloud security across the software development life cycle.”
CSA CloudBytes Webinar with Fugue and CWS
Josh Stella and Rajat Sharma are delivering a session for Cloud Security Alliance’s CloudBytes webinar series to demonstrate how companies can use policy as code and automation to move faster and more securely in the cloud. For more information and registration on “Transforming Enterprise Cloud Security to Supercharge Developer Velocity,” visit www.brighttalk.com/webcast/10415/515768.
About the Fugue SaaS Platform
Fugue is the only platform with a single policy engine so engineering teams can operationalize cloud security pre- and post-deployment.
- Infrastructure as Code (IaC) Security. Fugue provides IaC security for cloud resource configurations (Terraform; AWS CloudFormation) and container orchestration (Kubernetes Manifests). Cloud engineers can check their IaC configurations locally and develop custom enterprise policies using Fugue’s Unified Policy Engine, built on Open Policy Agent, the open standard for policy as code. Enterprises can centrally manage policies and ensure consistent enforcement across the organization.
- Cloud Compliance. Fugue fully automates compliance assessments and reporting across Amazon Web Services, Microsoft Azure, and Google Cloud. Fugue provides turnkey coverage for SOC 2, NIST 800-53, GDPR, PCI, HIPAA, ISO 27001, CSA CCM, CIS Controls, CIS Docker, and CIS Foundations Benchmarks for Amazon Web Services (AWS), Microsoft Azure, Google Cloud, and Kubernetes. Prioritized remediation guidance helps teams bring cloud environments into compliance quickly and build confidence and trust with management, auditors and customers.
- Cloud Native Security. Fugue detects common and complex cloud misconfiguration vulnerabilities before malicious hackers can find and exploit them. Fugue’s unified policy engine supports multi-resource rules that can evaluate configurations in context and identify vulnerabilities such as overly broad identity and access management (IAM) policies and user permissions. Teams can investigate cloud indicators of compromise (IoCs) and create a forensic audit trail of all cloud resource changes over time.
Fugue is a cloud security SaaS company enabling regulated companies such as AT&T, Red Ventures, and SAP NS2 to ensure continuous cloud security and earn the confidence and trust of customers, business leaders, and regulators. Fugue empowers engineering and security teams to automate cloud policy enforcement and move faster than ever before — without breaking the rules. Since 2013, Fugue has pioneered the use of policy-based cloud security automation and earned the patent on policy as code for cloud infrastructure. For more information, connect with Fugue at www.fugue.co, GitHub, LinkedIn and Twitter.
CWS is a boutique cloud consultancy firm that provides resilient, state-of-the-art cloud infrastructure solutions. Having architected solutions for companies ranging from small, family-run businesses to global telecommunication enterprises, CWS ensures that businesses both big and small are equipped with everything they need to be successful in the cloud. Since 2015, CWS has been providing clients with modern, battle-tested solutions to their cloud requirements while making the extra effort to ensure their clients have the resources and knowledge required to manage their cloud infrastructure into the future. Connect with CWS at www.wearecws.com or on LinkedIn.
All brand names and product names are trademarks or registered trademarks of their respective companies.
Tags: Fugue, cloud security, SaaS, CWS, infrastructure as code, IaC, policy as code, unified policy engine, cloud, runtime security, cloud infrastructure, cloud policy enforcement, cloud security automation, Cloud Security Alliance