Fugue, the company putting engineers in command of cloud security and compliance, announces new capabilities for bringing public cloud container resources into compliance and ensuring the continuous security of container runtime configurations.
The new capabilities deliver security and compliance visibility and reporting for managed container services offered by Amazon Web Services and Microsoft Azure and turnkey support for the CIS Docker Benchmark. The new Fugue features provide continuous configuration visibility, security checks, and compliance reporting for AWS Elastic Container Service (ECS) with Fargate, AWS Elastic Kubernetes Service (EKS), Azure Container Instances, and Azure Container Registry.
Managed container resources
Developers can run policy checks on their infrastructure-as-code to ensure their managed container resources are configured securely according to the CIS Docker Benchmark and their custom rules, and use those same rules to ensure continuous container runtime security in production.
“Fugue has simplified the task of establishing compliance visibility and reporting across our entire cloud footprint and ensuring our environment stays secure,” said Ben Carter, Vice President of Enterprise Architecture at Red Ventures. “As Red Ventures leverages more cloud-native services, Fugue’s new container runtime security capabilities empower our teams to innovate fast while streamlining cloud security and compliance at every stage of development and operations.”
Cloud security coverage
Our customers are increasingly taking advantage of the managed container services offered by cloud providers"
“Our customers are increasingly taking advantage of the managed container services offered by cloud providers such as AWS and Microsoft Azure, and they need an efficient and effective way to ensure those resources are configured securely and stay that way,” said Josh Stella, co-founder and CEO of Fugue. “We’re excited to extend Fugue’s next-generation cloud security coverage to include public cloud container runtime security so our customers can keep moving fast and know their infrastructure and data remains secure and in compliance.”
Fugue recently introduced next-generation Cloud Security Posture Management (CSPM) capabilities that leverage its cloud state machine and OPA-based policy-as-code engine to provide customers with continuous visibility into the full configuration state and security posture of their entire environment.
Streamlining cloud compliance
With Fugue’s data warehouse, teams can analyze their data using Fugue’s native tools or their third party business intelligence (BI) and security information and event management (SIEM) tools. Fugue radically streamlines cloud compliance with full historical audit evidence and out-of-the-box support for industry standards, including CIS Foundations Benchmarks, CIS Docker Benchmark, GDPR, HIPAA, ISO 27001, NIST 800-53, PCI, and SOC 2.
Fugue supports custom enterprise policies using OPA and provides the Fugue Best Practices framework to protect against advanced misconfiguration exploits that compliance frameworks can miss, including complex Identity and Access Management (IAM) vulnerabilities. Fugue offers Enterprise and Team plans under a 30-day free trial, and the free Fugue Developer plan for individual engineers. Fugue is available in the AWS Marketplace. It takes just 15 minutes to get up and running with Fugue.