Security News > 2020 > January > Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations
Fugue has open sourced Regula, a tool that evaluates Terraform infrastructure-as-code for security misconfigurations and compliance violations prior to deployment.
Regula rules are written in Rego, the open source policy language employed by the Open Policy Agent project and can be integrated into CI/CD pipelines to prevent cloud infrastructure deployments that may violate security and compliance best practices.
Regula works independently of Fugue, but can be integrated with Fugue for end-to-end cloud infrastructure security and compliance.
Both Regula and Fugue utilize the open-source Rego policy language, and developers can easily create their own rules for Regula and Fugue using a similar syntax.
In addition to Fugue Enterprise, Fugue offers Developer, a free tier available to individual engineers who need to ensure continuous security and compliance of their cloud infrastructure environments.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/sAMzmcAIFxM/
Related news
- Drozer: Open-source Android security assessment framework (source)
- Six steps for security and compliance in AI-enabled low-code/no-code development (source)
- Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity (source)
- Establishing a security baseline for open source projects (source)
- BLint: Open-source tool to check the security properties of your executables (source)
- OWASP dep-scan: Open-source security and risk audit tool (source)