Fugue Platform

Infrastructure Provisioning and Automated Baseline Enforcement

  • Scan Your Cloud Environment

     Scans your environment for violations of compliance standards such as CIS Benchmark, NIST 800-53, HIPAA, and GDPR

  • Provision an Infrastructure Baseline

    Deploys infrastructure-as-code files as your baseline. The Platform provides compile-time feedback about successful infrastructure deployment.

  • Run Policy-As-Code Checks Before Deploying

    Uses out of the box policies to check infrastructure files prior to deployment for compliance violations.

  • Enforce a Known-Good Baseline

    After deployment, detects unauthorized infrastructure changes and reverts them back the baseline to enforce continuous compliance.

Compliance Validations

Fugue applies content libraries as policy as code to validate whether infrastructure is in compliance with regulations or standards such as NIST 800-53, HIPAA, CIS Benchmark, and GDPR.

Fugue performs validation at compile/design time and runtime to ensure that no infrastructure violating policy is deployed to production.

Policy As Code Example
####################################
# Example Library to Validate Region
####################################

import Fugue.AWS as AWS

fun noCaCentral1(region: AWS.Region) -> Validation:
  case region of
  | AWS.Ca-central-1 -> Validation.error {message: "Region Ca-central-1 prohibited"}
  | _                -> Validation.success

validate noCaCentral1

ORCHESTRATION ENGINE

Fugue Conductor

Fugue’s Conductor is the orchestration engine that provisions and instantiates infrastructure specified by definition files. Each file runs on the Conductor as a process that can be suspended, resumed, or killed similar to OS processes.

The Conductor architecture is highly secure—the Conductor does not listen on any open ports and all outbound traffic is sent only to Cloud Provider APIs. All traffic is encrypted and executed by queuing services or notification services.

Fugue Conductor

Fugue Console

Fugue Console is a web interface that enables users to visually view, create, and manage Fugue actions for cloud resources.

Users can deploy compositions and validation policies, manage enforcement settings, and deep-dive into the health of running processes.

Fugue Console

Fugue Composer

Fugue Composer is an application that scans your AWS accounts and generates an accurate visualization of your cloud infrastructure resources and their relationships.

Fugue Composer also visually displays how your resources may violate compliance or security policies. Noncompliant resources are clearly tagged and the violations are marked in infrastructure definition files.

Fugue Composer

Interested in a SaaS solution? Check out Risk Manager

Find security and compliance violations in your cloud infrastructure and ensure they never happen again.