Security News > 2020 > January > Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations
Fugue has open sourced Regula, a tool that evaluates Terraform infrastructure-as-code for security misconfigurations and compliance violations prior to deployment.
Regula rules are written in Rego, the open source policy language employed by the Open Policy Agent project and can be integrated into CI/CD pipelines to prevent cloud infrastructure deployments that may violate security and compliance best practices.
Regula works independently of Fugue, but can be integrated with Fugue for end-to-end cloud infrastructure security and compliance.
Both Regula and Fugue utilize the open-source Rego policy language, and developers can easily create their own rules for Regula and Fugue using a similar syntax.
In addition to Fugue Enterprise, Fugue offers Developer, a free tier available to individual engineers who need to ensure continuous security and compliance of their cloud infrastructure environments.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/sAMzmcAIFxM/
Related news
- GitHub CISO on security strategy and collaborating with the open-source community (source)
- Fleet: Open-source platform for IT and security teams (source)
- Beyond VPN: How TruGrid Simplifies RDP Deployment, Security, and Compliance (source)
- Orbit: Open-source Nuclei security scanning and automation platform (source)
- Compliance Isn’t Security: Why a Checklist Won’t Stop Cyberattacks (source)
- Misconfig Mapper: Open-source tool to uncover security misconfigurations (source)
- OSPS Baseline: Practical security best practices for open source software projects (source)