Fugue

Why is cloud misconfiguration such a universal problem that puts enterprises at risk of critical breaches? There are simply too many resources, too much change, too many interfaces, and too many policies for humans to adequately track and govern without security automation.

Fugue surveyed IT and security professionals from more than 300 enterprise organizations on cloud infrastructure misconfiguration risk. While it surfaced a lot of concern over data breaches due to misconfiguration, here we dive into the cost enterprises incur in an attempt to manage the problem.

Cloud operations professionals will likely recognize the hypothetical infrastructure misconfiguration scenario outlined here ... and perhaps wince a bit. What all enterprises using cloud at scale have in common is that misconfiguration is not just a critical technical issue to contend with, but it’s a major management burden that soaks up significant time and expertise.

This blog addresses the cultural differences between DevOps and Security teams once they move to the cloud. DevOps teams feel that security and compliance issues slow down the development process while Security teams feel that they are a necessity when operating in the cloud.

A look at some of the most common kinds of cloud infrastructure misconfiguration and the resulting data breaches.

Cloud misconfigurations are a massive problem and pose serious risks to organizations as they move to the cloud. In this post, we address some of the most common cloud infrastructure misconfigurations and consequences resulting from misconfiguration.

Fugue CEO Phillip Merrick talks about the factors that led him to join Fugue. He’s spent more than a decade helping lead innovative and fast-growing cloud and SaaS companies such as webMethods, SparkPost, and VisualCV. A common concern at all of them was ensuring that the infrastructure, databases, and applications they put into the cloud were kept as safe and secure as possible. This assurance is exactly what Fugue provides by ensuring that cloud infrastructure both meets the organization’s security policies and doesn’t drift from the known good state.

Cloud infrastructure misconfigurations are preventable, yet they remain one of the most common security concerns for organizations moving to the cloud. Why has there been such a huge increase in misconfigurations and why are these breaches so damaging?

In some DevOps environments, security is often neglected or avoided because of the perception that the security team will introduce inefficiencies and dramatically slow the pace of development. Bypass the unnecessary risks of this approach by integrating security directly into your DevOps pipeline.

A follow-up post from our cofounder and CTO, Josh Stella, on using Emacs. He's pleased to report no dire consequences, and his wrists are thanking him. Emacs has been a solace from things that are actually difficult.