Skip to content
eBook
Engineer's Primer on Cloud and IaC Security
Read Now
eBook
The State of Cloud Security Report 2021
Read Now
Case Study
Ensuring Continuous Cloud Security and HIPAA Compliance with Real Time Medical Systems
Read Now
eBooks Case Studies Data Sheets Videos Masterclasses Lunch and Learns

eBooks

Case Studies

logo-rtms

Ensuring Continuous Cloud Security and HIPAA Compliance with Real Time Medical Systems
pr

PublicRelay is the most trusted media analytics partner for communications and marketing professionals at the world’s top brands.

Emsi logo 180x60

Emsi Demonstrates Proof of Compliance with Fugue
Sparkpost_180x60

How to detect security and compliance risks on an ongoing basis and streamline audit processes for AWS resources
nlt_180x60

Ensure continuous compliance and security within a complex AWS and Microsoft Azure infrastructure
globalgiving_logo

How does a global crowdfunding community rapidly migrate PCI-regulated applications to the cloud while preserving partner trust?
Fugue Logotype 180x60

Media Company: Relying on Cloud GRC Team to Secure Cloud Operations
Fugue Logotype 180x60

Digital Marketing & Commerce: CCoE Delivers Security and Compliance with Fugue

Data Sheets

Fugue Infrastructure as Code

Secure your infrastructure as code (IaC) in development and CI/CD —and use the same policies to secure your cloud runtime.

Fugue Cloud Security and Compliance

Fugue’s SaaS product and open source tools provide immediate visibility into AWS, Azure, and Google Cloud environments, and identify potential misconfiguration and compliance violations - before and after resources are deployed.

Fugue for AWS

AWS IaaS and PaaS tools have created challenges for teams responsible for managing compliance and security risks.

Fugue for Azure

Fugue ensures that your Azure infrastructure stays in continuous compliance with enterprise security policies.

Fugue for Google Cloud

Prove cloud infrastructure compliance, eliminate cloud misconfiguration, and Shift Left on cloud security in Google Cloud.

Fugue Visualizer

With the Fugue visualizer, DevOps teams, security engineers, and compliance analysts can auto-generate visual diagrams of their cloud resources.

PCI Compliance Made Easy With Fugue

If your organization accepts or processes payment cards, PCI DSS applies to you.

SOC 2 Compliance with Fugue

Developed by the AICPA, SOC 2 is designed to address how organizations should design systems of internal controls to address the security, availability, processing integrity, confidentiality, and privacy of customer data.

Videos

An Introduction to Fugue with Josh Stella

Take a look into the heart of Fugue with CEO Josh Stella. Learn how Fugue can bolster security across CI/CD and runtime, and about the engines that make it possible.

Introduction to Fugue Infrastructure as Code

Introducing Fugue Infrastructure as Code. Get a feel for the platform and its capabilities in this video with Fugue Solutions Engineer Ricardo Green.

Fugue in 3 minutes

Watch our short 3-minute video to see how Fugue can simplify your cloud security and compliance.

Fugue Product Tour

Learn how Fugue prevents cloud misconfiguration and ensures continuous compliance with enterprise security policies in this short product tour.

AWS Environment Discovery and Visualization

How to use Fugue to discover and visualize all the cloud resources you have running and how they are configured.

Baselining Your AWS Environment & Detecting Drift

How to use Fugue to baseline your cloud configurations and detect drift.

Baseline Enforcement

In cloud environments, enterprises face an increased likelihood of configuration and policy compliance violations—which may lead to security breaches, system downtime, and data loss.

SOC 2 Compliance for Your AWS

How to use Fugue to get your cloud configurations SOC 2 compliant.

Masterclasses

Thinking Like a Hacker

In this Cloud Security Masterclass Josh Stella helps you get into the mindset of an attacker probing your cloud environment. You’ll learn how to spot previously-missed vulnerabilities and determine the blast radius of your cloud security gaps.

Thinking Like a Hacker Part II: Real-World Exploits in Action

In Part 2, Josh simulates two real-world cloud misconfiguration attacks to demonstrate in real-time how these methods work in evading datacenter security approaches and take advantage of common cloud misconfigurations that compliance standards miss.

Avoiding a Cloud Security Collision with Policy-Based Automation

In this session, Charlene O'Hanlon (Media Ops) brings together Josh Stella (CEO, Fugue) and Matt Howard (EVP, Sonatype) to explore the inevitable convergence of development, ops, and security, and why this represents the first-ever opportunity to align all cloud stakeholders with policy automation up and down the stack — and left and right across the SDLC.

Minimizing the Blast Radius of a Cloud Breach

In this Cloud Security Masterclass, Josh Stella, Co-Founder and CEO, will walk through a process for understanding the blast radius of a variety of potential security events in your environment, and steps you can take to prevent minor ones from becoming catastrophic breaches.

How Hackers Exploit Dev and Test Environments

Join us as Josh Stella shows how hackers exploit common dev and test cloud environment vulnerabilities to steal production data.

Building a Highly Secure S3 Bucket Part I

In this masterclass, you'll gain a deeper understanding of S3 and how to think critically about cloud security for your specific use cases.

Building a Highly Secure S3 Bucket Part II

In this Cloud Security Masterclass, Fugue digs deeper into three critical components of S3 security to help you think critically about security for your unique AWS use cases.

Locking Down the Security of AWS IAM

Recent high-profile cloud-based data breaches have involved advanced cloud misconfiguration attacks exploit IAM misconfigurations that compliance controls and security professionals often miss.

Locking Down the Security of AWS IAM Part II

In this masterclass, Fugue CTO Josh Stella digs into AWS IAM to help you think more critically about security for your AWS use cases. You’ll understand how to identify AWS IAM misconfiguration vulnerabilities you’ve missed before—and the risks they pose.

Simulating Cloud Misconfiguration Attacks: AWS IAM

AWS Identity and Access Management (IAM) misconfiguration has become a primary attack vector for bad actors seeking to breach data on AWS. Even the most security-conscious cloud engineers can inadvertently misconfigure IAM services resulting in privilege escalation attacks or unauthorized account access.

Live Simulation of an Advanced Cloud Misconfiguration Exploit

Recent high-profile cloud breaches involve advanced tactics that took advantage of multiple resource misconfigurations to gain entry to environments, discover resources, move laterally, and extract data—all without detection. They don’t typically break compliance rules, and security teams won’t likely recognize them as vulnerabilities.

Live Simulation of Cloud Misconfiguration Attacks

Advanced attacks that exploit a common cloud misconfiguration vulnerabilities with VPCs, IAM, and other services are easily missed by security teams and compliance frameworks.

Cloud Misconfiguration Risk: What You Need to Know to Prevent Critical Breaches

Watch this webinar to gain a better understanding of cloud infrastructure misconfiguration, a major risk to any enterprise adopting the cloud and scaling cloud operations.

Simulating Misconfiguration Attacks: S3 Exploits

Amazon S3 object storage service is easy to use, extremely reliable, and incredibly popular, but it’s also a service that’s easy to get wrong.

Lunch and Learns

Securing Kubernetes Manifests with Fugue

In this session, Fugue’s Ricardo Green (Principal Solutions Engineer) will walk through how to find and fix security issues in your Kubernetes Manifest files pre-deployment.

Introducing Fugue Infrastructure as Code

Fugue's Ricardo Green (Principal Solutions Engineer) will walk through how Fugue streamlines cloud security across the development lifecycle and how teams can deliver secure infrastructure up to 3X faster while using 50% fewer engineering hours.

Infrastructure as Code Security with Regula

Fugue’s Curtis Myzie (VP Engineering) and Chris Suen (VP Product) will walk through how you can use Regula to identify policy violations in Terraform and AWS CloudFormation to save time and prevent cloud misconfiguration right from the start.

Integrating Infrastructure Security and Compliance into CI/CD

Application teams are increasingly moving security and compliance checks earlier in the software development life cycle (SDLC), when corrective changes are easier and faster to make.

Unraveling the Pitfalls of Soc 2 Audits

SOC 2 standard applies to any organization that stores or processes customer data in the cloud. How can organizations best prepare for their SOC 2 audit?

Security Threats Posed by Orphaned Cloud Resources

Orphaned cloud resources represent significant risks of misconfiguration and data breaches. A long-forgotten EC2 instance or VPC may contain OS vulnerabilities that hackers can use to gain access to your cloud environments.

Get Started with Fugue Today

Prevent misconfiguration and ensure continuous compliance with enterprise security policies.
REQUEST LIVE DEMO CONTACT SALES