Fugue, a company automating enterprise cloud security and compliance enforcement to prevent data breaches and policy violations due to misconfiguration, has announced the availability of Fugue Risk Manager.
A Software-as-a-Service (SaaS) offering, Fugue Risk Manager can identify compliance violations in cloud environments and automatically remediate unauthorised infrastructure changes.
Enterprise cloud teams can use Fugue Risk Manager to scan cloud infrastructure to identify policy violations for a number of compliance regimes.
Fugue Risk Manager can then enforce known-good infrastructure baselines provisioned by the cloud team in order to identify configuration drift and automatically remediate it as soon as it occurs.
“Enterprises operating at scale on cloud face a governance challenge – how to ensure everything that’s running in their cloud adheres to compliance and security policy and is free of misconfiguration that can lead to critical security incidents,” said Phillip Merrick, CEO of Fugue.
“Fugue Risk Manager provides enterprises with autonomic governance over their cloud infrastructure while supporting the speed and agility needed in today’s competitive environment.”
“With Fugue, I can demonstrate in real time that our cloud infrastructure is compliant all the time. We’ve never really had that before,” said Peter O’Donoghue, VP of Application Services at Unisys Federal. “Fugue’s strength is in providing centralised visibility and control across DevSecOps teams, thereby avoiding policy violations and misconfigurations in the cloud.”
The cloud is fundamentally different than the data centre, and it introduces new demands for security and compliance. The risk of infrastructure misconfiguration due to human error can increase with highly dynamic, API-driven cloud infrastructure and can result in data breaches, system downtime, and costly compliance violations. Fugue Risk Manager addresses this risk with a cloud-native solution to provide security, compliance, and infrastructure teams with a single source of truth for their cloud infrastructure and the assurance that it always remains in compliance with policy.
“Monitoring and alerts on cloud deployments aren’t good enough for us. We can’t afford to have misconfiguration or unauthorised changes happen in the first place,” said Justin Rupp, Senior Systems Engineer, GlobalGiving. “Fugue gives us the peace of mind knowing our infrastructure is secure and compliant at all times.”
Identifying cloud infrastructure risks
Fugue Risk Manager scans cloud environments to:
- Discover running cloud infrastructure resources
- Identify infrastructure compliance violations
- Generate comprehensive compliance reports
Enforcing cloud configuration baselines
Once known-good infrastructure baselines have been established, Fugue Risk Manager can:
- Identify unauthorised change and configuration drift
- Automatically remediate drift events back to the provisioned baseline
- Generate reports on remediation events for compliance
Easy to adopt and scale
It takes as little as 15 minutes to get up and running with Fugue Risk Manager and start identifying compliance violations in your cloud environments. Fugue Risk Manager integrates with today’s cloud infrastructure provisioning tools to allow for approved changes while preventing unauthorised changes that can lead to compliance issues and security breaches.
“Traditionally, there’s been a chasm between security teams that need to ensure critical data is protected, compliance teams that need to ensure policy adherence, and infrastructure teams that need to move fast and innovate. These competing priorities have often been at odds with each other,” said Josh Stella, co-founder and CTO of Fugue.
“Fugue Risk Manager is designed to eliminate these trade-offs and provide cloud stakeholders with a common, single source of truth for cloud infrastructure and the assurance it remains secure, compliant and resilient.”
Click below to share this article
