Fugue Organization Management streamlines security oversight for large cloud operations

Fugue announced a cloud security platform that enables enterprises to establish centralized security visibility and governance over their cloud environments, while empowering individual business units with the flexibility they need to innovate and compete.

Now, Fugue Organization Management operationalizes cloud security across the entire organization, allowing companies to effectively scale their existing cloud security resources using policy-based automation and help engineering teams eliminate costly delays and deliver secure cloud infrastructure fast.

As enterprises expand cloud usage for more applications, the complexity of keeping their environment secure and in compliance grows. Different applications carry different risks and policy requirements based on use case and locality, and they often use different cloud service providers, system architectures, and tooling.

Managed service providers face similar challenges managing cloud security for multiple clients that each bring a variety of unique use cases, policy requirements, and organizational structures. Fugue’s Organization Management streamlines onboarding and security oversight for large and complex cloud operations, improving operational efficiency by as much as 80%.

“Zivra’s advisory services and our proprietary DevSecOps framework focuses on understanding our enterprise customers’ cloud security posture and their enterprise-wide policies without compromising the flexibility of their business,” said JJ Alvarez, founder and managing director at Zivra. “Fugue’s Organization Management capabilities work well with our shift left and infrastructure security offerings to address the need for continuous visibility over global cloud environments. Fugue’s technology solution gives us the ability to implement global policies for our customers consistently while preserving a flexible team structure.”

“Every enterprise is structured differently, with multiple business units making decisions that address their specific use cases, creating massive security and governance challenges,” said Josh Stella, co-founder and CEO of Fugue. “Within hours, Fugue helps IT and security leaders know their cloud environments are secure and adhere to policy at all times, while empowering individual teams to move fast and efficiently while addressing local requirements.”

Cloud security visibility over the enterprise

Fugue empowers central security operations teams with real-time visibility into the full state and security posture of cloud environments across business units or customers. Security teams can:

• View consolidated organization-level reports to gain insight into the compliance and security of all cloud environments across cloud providers.
• Access individual cloud environments as needed to investigate vulnerabilities and modify policy settings to meet required security standards for each use case.
• Operationalize cloud security across the organization with business unit or customer reporting for IT chargebacks.

Consistent enforcement of cloud security controls

Fugue ensures that policy-driven cloud security controls are consistently interpreted, implemented and enforced across the entire organization. Security teams can:

• Leverage hundreds of pre-built rules mapped to more than a dozen compliance families and develop custom rules that can address complex, multi-resource vulnerabilities.
• Define organization-wide compliance “families” consisting of pre-built and custom rules and send them to cloud engineering teams for implementation.
• Apply organization-wide compliance families to any or all cloud operations to validate the security of their infrastructure as code and runtime environments.

Flexibility for business units and customers

Individual business units or customers have specific needs and requirements. Fugue enables the logical organization and customization of environments to empower individual engineering teams with the flexibility they need to operate with speed and efficiency. Security teams can:

• Enable role-based access controls (RBAC) for each environment to manage permissions and cloud account access for users, groups and API clients.
• Configure security and compliance settings at the organization or environment level so compliance families can be applied to all environments across the board or customize which specific rules apply to each environment.
• Set up notifications to alert the security team when Fugue identifies policy violations or potential misconfiguration vulnerabilities in any environment.

Fugue secures AWS, Microsoft Azure, and Google Cloud environments and pre-deployment infrastructure as code security checks for Terraform, AWS CloudFormation, Kubernetes manifests, and Dockerfiles. Fugue provides turnkey coverage for SOC 2, NIST 800-53, GDPR, PCI, HIPAA, ISO 27001, CSA CCM, CIS Controls, CIS Docker, the AWS Well-Architected Framework, and CIS Foundations Benchmarks.

Fugue’s Unified Policy Engine leverages Open Policy Agent (OPA), the open standard for policy as code and a Cloud Native Computing Foundation (CNCF) graduated project.