Skip to content

Fugue IaC Empowers Enterprises to Eliminate Security Gaps using 50% Fewer Engineering Resources, Speeding Up Cloud Infrastructure Deployment

FREDERICK, Md. — Sept. [28], 2021 — Fugue, a cloud security SaaS company, today announced Fugue IaC, a unified platform for securing infrastructure as code (IaC) and cloud runtime environments using a single set of policies. Powered by a Unified Policy Engine, Fugue IaC saves cloud teams significant time and ensures consistent policy enforcement that eliminates the security gaps and wasted effort that come with using separate policies for IaC security and cloud security posture management (CSPM).


A Transformer sponsor of the event, the company will be demonstrating Fugue IaC virtually at DevOps World 2021, Sept. 28-30. Also, Fugue co-founder and CEO Josh Stella will be presenting on Hacking the Cloud: Simulating a Misconfiguration Exploit on Sept. 28 at 11:30 AM ET.


“Security represents the rate-limiting factor for how fast cloud engineering teams can go, and in order to change this, they need policy-based automation at every stage of the development life cycle — from infrastructure as code through the runtime—based on a single source of truth,” said Stella. “The Fugue IaC and its Unified Policy Engine empower teams to ensure cloud security across development and operations using 50% fewer engineering resources while speeding up infrastructure approvals and deployments.”


Developer-Friendly Tools for IaC Security


Fugue delivers developer-friendly tooling to validate IaC templates against industry compliance standards and custom security policies — and builds automated IaC checks into Git workflows and CI/CD pipelines to prevent misconfiguration vulnerabilities in deployments. Cloud security teams can use those same policies to ensure cloud runtime environments stay secure post-deployment, including cloud resources deployed outside of IaC and CI/CD pipelines.


According to a cloud security engineer at customer Nexthink, the leader in digital employee experience (DEX) management software, Open Policy Agent (OPA) rules can be used to efficiently detect and remediate cloud vulnerabilities and compliance issues early in the development of infrastructure-as-code pipelines — before they ever reach production. Furthermore, the same rules they use with Fugue to continuously secure their public cloud environments against misconfiguration risk are a game-changer that saves the Nexthink team a significant amount of time otherwise wasted reconciling different policies and frameworks.


Fugue IaC Security Powered by Open Policy Agent


Fugue provides centralized IaC security management for cloud resource configurations, container orchestration, and containers. Teams can use Fugue to establish IaC security visibility across their organization. Fugue’s Unified Policy Engine leverages open policy agent, the open standard for policy as code, and Regula, Fugue’s open source implementation of OPA for IaC and cloud security. OPA is a Cloud Native Computing Foundation (CNCF) graduated project.


Fugue IaC supports pre-deployment security checks for Terraform (HCL and plan files), AWS CloudFormation (YAML, JSON, AWS CDK, or composed by hand), Kubernetes manifests, and Dockerfiles. Fugue provides developer-friendly tooling for creating and testing custom policies using Rego, the language of OPA, and supports multi-resource checks to catch advanced cloud vulnerabilities. Developers can use Fugue to generate interactive visual maps of their IaC templates and export IaC diagrams to use for planning and approval processes.


Hundreds of Pre-Built Policies Mapped to Compliance Standards


Fugue provides hundreds of out-of-the-box rules for IaC and cloud runtime security that are mapped to SOC 2, NIST 800-53, GDPR, PCI, HIPAA, ISO 27001, CSA CCM, CIS Controls, CIS Docker, CIS Benchmarks for AWS, Microsoft Azure, Google Cloud, Docker, and Kubernetes. The Fugue Best Practices Framework provides additional protection by catching vulnerabilities that compliance standards can miss.


Learn More About Fugue IaC


Fugue IaC is generally available, starting at $500 per month.


About Fugue


Fugue is a cloud security SaaS company enabling regulated companies such as AT&T, Red Ventures, and SAP NS2 to ensure continuous cloud security and earn the confidence and trust of customers, business leaders, and regulators. Fugue empowers engineering and security teams to automate cloud policy enforcement and move faster than ever before — without breaking the rules. Since 2013, Fugue has pioneered the use of policy-based cloud security automation and earned the patent on policy as code for cloud infrastructure. For more information, connect with Fugue at, GitHub, LinkedIn and Twitter.




All brand names and product names are trademarks or registered trademarks of their respective companies.




Media Contact:


Dottie O’Rourke

TECHMarket Communications

(650) 344-1260


Fugue Developer

Free Cloud Security for Engineers

  • Visualize your cloud infrastructure
  • Run policy checks and get feedback
  • Detect change and eliminate misconfiguration