Security News > 2020 > January > Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations
Fugue has open sourced Regula, a tool that evaluates Terraform infrastructure-as-code for security misconfigurations and compliance violations prior to deployment.
Regula rules are written in Rego, the open source policy language employed by the Open Policy Agent project and can be integrated into CI/CD pipelines to prevent cloud infrastructure deployments that may violate security and compliance best practices.
Regula works independently of Fugue, but can be integrated with Fugue for end-to-end cloud infrastructure security and compliance.
Both Regula and Fugue utilize the open-source Rego policy language, and developers can easily create their own rules for Regula and Fugue using a similar syntax.
In addition to Fugue Enterprise, Fugue offers Developer, a free tier available to individual engineers who need to ensure continuous security and compliance of their cloud infrastructure environments.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/sAMzmcAIFxM/
Related news
- Compliance Isn’t Security: Why a Checklist Won’t Stop Cyberattacks (source)
- Misconfig Mapper: Open-source tool to uncover security misconfigurations (source)
- OSPS Baseline: Practical security best practices for open source software projects (source)
- Hetty: Open-source HTTP toolkit for security research (source)
- NetBird: Open-source network security (source)
- IntelMQ: Open-source tool for collecting and processing security feeds (source)
- AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock (source)
- YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection (source)