FREDERICK, Md.–Fugue, the company automating enterprise cloud security and compliance enforcement to prevent data breaches and policy violations due to misconfiguration, today announced the availability of Fugue Risk Manager. A Software-as-a-Service (SaaS) offering, Fugue Risk Manager can identify compliance violations in cloud environments and automatically remediate unauthorized infrastructure changes.
Enterprise cloud teams can use Fugue Risk Manager to scan cloud infrastructure to identify policy violations for a number of compliance regimes, including Amazon Web Services (AWS) Center for Internet Security (CIS) Benchmarks, National Institute of Standards and Technology (NIST) 800-53 Rev. 4, General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), and custom, customer-specified controls. Fugue Risk Manager can then enforce known-good infrastructure baselines provisioned by the cloud team in order to identify configuration drift and automatically remediate it as soon as it occurs.
“Enterprises operating at scale in the cloud face a governance challenge—how to ensure everything that’s running in their cloud adheres to compliance and security policy and is free of misconfiguration that can lead to critical security incidents,” said Phillip Merrick, CEO of Fugue. “Fugue Risk Manager provides enterprises with autonomic governance over their cloud infrastructure while supporting the speed and agility needed in today’s competitive environment.”
“With Fugue, I can demonstrate in real time that our cloud infrastructure is compliant all the time. We’ve never really had that before,” said Peter O’Donoghue, VP of Application Services at Unisys Federal. “Fugue’s strength is in providing centralized visibility and control across DevSecOps teams, thereby avoiding policy violations and misconfigurations in the cloud.”
The cloud is fundamentally different than the datacenter, and it introduces new demands for security and compliance. The risk of infrastructure misconfiguration due to human error can increase with highly dynamic, API-driven cloud infrastructure and can result in data breaches, system downtime, and costly compliance violations. Fugue Risk Manager addresses this risk with a cloud-native solution to provide security, compliance, and infrastructure teams with a single source of truth for their cloud infrastructure and the assurance that it always remains in compliance with policy.
“Monitoring and alerts on cloud deployments aren’t good enough for us. We can’t afford to have misconfiguration or unauthorized changes happen in the first place,” said Justin Rupp, Senior Systems Engineer, GlobalGiving. “Fugue gives us the peace of mind knowing our infrastructure is secure and compliant at all times.”
Identifying Cloud Infrastructure Risks
Fugue Risk Manager scans cloud environments to:
- Discover running cloud infrastructure resources
- Identify infrastructure compliance violations
- Generate comprehensive compliance reports
Enforcing Cloud Configuration Baselines
Once known-good infrastructure baselines have been established, Fugue Risk Manager can:
- Identify unauthorized change and configuration drift
- Automatically remediate drift events back to the provisioned baseline
- Generate reports on remediation events for compliance
Easy to Adopt and Scale
It takes as little as 15 minutes to get up and running with Fugue Risk Manager and start identifying compliance violations in your cloud environments. Fugue Risk Manager integrates with today’s cloud infrastructure provisioning tools to allow for approved changes while preventing unauthorized changes that can lead to compliance issues and security breaches.
“Traditionally, there’s been a chasm between security teams that need to ensure critical data is protected, compliance teams that need to ensure policy adherence, and infrastructure teams that need to move fast and innovate. These competing priorities have often been at odds with each other,” said Josh Stella, co-founder and CTO of Fugue. “Fugue Risk Manager is designed to eliminate these tradeoffs and provide cloud stakeholders with a common, single source of truth for cloud infrastructure and the assurance it remains secure, compliant, and resilient.”
To schedule an evaluation of your cloud compliance and security needs, email Fugue’s Solutions Architect team at [email protected].
Fugue automates enterprise cloud security and compliance enforcement to prevent data breaches, policy violations, and system downtime. Fugue provides security, compliance, and infrastructure teams with continuous visibility into the state of their cloud infrastructure and the assurance that it remains in compliance with policy. Fugue’s investors include New Enterprise Associates, Future Fund, Maryland Venture Fund, In-Q-Tel (IQT), and Core Capital Partners. Fugue is an AWS Advanced Technology Partner and a Launch Partner in the AWS Cloud Management Tools Competency Program in the Governance category. Fugue was named a Cybersecurity Breakthrough Award winner in the IaaS category and a Gartner Cool Vendor in Cloud Computing. To learn more about Fugue, visit www.fugue.co.