Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Address your open source coverage concerns with Snyk OSS Scanner
What do you like best about the product?
Snyk was onboarded to help with security vulnerability and license spread visibility across the open source frameworks that are used across the company. It has truly been a groundbreaking service that we start utilizing from the get go both in terms of identifying risk as well as enabling pathways to remediation. I strongly feel the tool was targeted towards developers to help with cross-functional collaboration and visibility into both the dependencies and the defects they contain.
What do you dislike about the product?
Business Metrics and reports could be better
What problems is the product solving and how is that benefiting you?
Coverage across OSS projects and frameworks, while embedding security into CI/CD pipelines
- Leave a Comment |
- Mark review as helpful
works great for us with mainly being a javascript and python shop.
What do you like best about the product?
developer-first and integrations work well with popular services like GitHub. CLI is also great as well.
What do you dislike about the product?
UI can sometime clunky and difficult to navigate. The API is good, but the Reporting API could use some improvements regarding getting stats on a group-level.
What problems is the product solving and how is that benefiting you?
Figuring out what our software is made of and the vulnerabilities within. Some benefits include seeing the amount of not-supported or abandoned projects we use and being able to report on it.
Great Reports
What do you like best about the product?
Able to view an organisation wide report on all the vulnerabilities of each package in the repos.
What do you dislike about the product?
I'm not sure if this is a feature, but maybe more automation like github dependency issues where a PR can be submitted with the click of a button from snyk.
What problems is the product solving and how is that benefiting you?
We are a security company and our customers security are highest priority, having snyk be proactive for us to jump on vulnerabilities in packages are critical.
Great tool for tracking vulnerabilities
What do you like best about the product?
It’s completely automated eliminates lots of manual intervention for fixing the vulnerability with different versions of repository.
What do you dislike about the product?
Sometimes the vulnerability alerts might not be genuine.
What problems is the product solving and how is that benefiting you?
Identify secure vulnerability versions.
Recommendations to others considering the product:
It's a great automated software for detecting vulnerabilities.
First-class cloud compliance platform, wonderful to use
What do you like best about the product?
Ability to visualize and easily navigate our cloud infrastructure, getting a birds-eye view of our configuration items and policies, with custom rules, alerts, and exceptions as needed. The policy enforcement is a powerful tool for correcting baseline drift. The front-end of the app is very well made so there are no UX problems in my view. I use a lot of tools, and am not shy about delivering the news when it is painful to use- Fugue is great to use.
What do you dislike about the product?
If I had to pick something annoying, I guess the visualizer could render faster.
What problems is the product solving and how is that benefiting you?
Change/ configuration management and visibility into our cloud security posture, with the ability to enforce policy. Provides a key component for DevSecOps.
Fugue Keeps Your Infrastructure Compliant and Drift Free
What do you like best about the product?
Fugue allows me to quickly identify what parts of our cloud infrastructure are not compliant with our policies, understand why that policy is important, what other components would be affected and then gives me the steps to remediate the problem. Once everything is compliant, Fugue can monitor for drift and automatically correct things that go out of compliance. The product already had a bunch of great pre-made policies for common compliance types, but you can also use an industry standard and open language to create custom rules for any compliance that your company may have. Using the built-in visualizer lets you quickly see how your infrastructure components tie together and how the compliance failure in one area can affect other parts of your product.
Fugue, the company, has been laser focused on cloud compliance for years. Their experience has led to an industry best product for ensuring that your cloud environment is secure and stays that way. Compliance and drift monitoring are critical for anyone running production workloads in the cloud, and Fugue is the absolute best solution to provide those.
Fugue, the company, has been laser focused on cloud compliance for years. Their experience has led to an industry best product for ensuring that your cloud environment is secure and stays that way. Compliance and drift monitoring are critical for anyone running production workloads in the cloud, and Fugue is the absolute best solution to provide those.
What do you dislike about the product?
Fugue has the experience and knowledgable staff to built the best-in-class compliance monitoring and enforcement solution, but sometimes there are features of the product that I would like to take advantage of, which don't yet fit with how I organized my cloud environment many years ago. If I were building our cloud environment today, green field, I would have used current best practices which would better match up with how Fugue expects thing to be laid out. They are always improving the product and soon this won't be a concern at all. Overall this affects very few parts of our usage of Fugue, but it can be frustrating to have to wait for a feature to be rolled out.
What problems is the product solving and how is that benefiting you?
GlobalGiving uses Fugue to ensure that our environment is compliant with PCI, and that nothing changes within our environment which would then violate our policies. Fugue continuously monitors for changes that might cause compliance violations or weaken our security, then alerts our staff so we can fix things before they cause any real problems. We have reduced the number of accidental changes, and completely eliminated changes which were not made through our Infrastructure as Code solution.
Our experience with Fugue has been fantastic
What do you like best about the product?
Fugue has simplified the process of maintaining and demonstrating compliance for our cloud environment, a task that now requires fewer resources and a fraction of the time. With Fugue, we now have access to the full configuration and compliance history of our cloud and can analyze that data and create our own custom reports in ways we haven't been able to before. And the Fugue team has been great to work with and committed to our success with the product.
What do you dislike about the product?
Honestly, there's nothing we dislike.
Like every system, there are a few bugs. But their support team has been very responsive to my engineers, working with them to either correct any bugs or answer any of our questions.
Like every system, there are a few bugs. But their support team has been very responsive to my engineers, working with them to either correct any bugs or answer any of our questions.
What problems is the product solving and how is that benefiting you?
Our biggest problem was to ensure that our SaaS products hosted on AWS met various security requirements (NIST, ISO, GDPR, SOC-2, etc).
Fugue is able to do this easily.
We are NIST-compliant, and we had a potential customer require us to be ISO-compliant. By going into Fugue and turning on the ISO compliance family, we were able to demonstrate that we were compliant at that level as well. That would have taken a month of engineering time to demonstrate, potentially losing that customer.
Fugue is able to do this easily.
We are NIST-compliant, and we had a potential customer require us to be ISO-compliant. By going into Fugue and turning on the ISO compliance family, we were able to demonstrate that we were compliant at that level as well. That would have taken a month of engineering time to demonstrate, potentially losing that customer.
Fugue Compliance tool provides great value and visibility
What do you like best about the product?
I’ve been working with the team at Fugue for almost a year now. Their customer service is excellent for working on issues from more of a collaborative approach than just a “Helpdesk” aspect. Ankush and Amelia have been a pleasure to work with and get to know professionally. It is apparent that this company believes in the services they provide. They have accommodated demos, deep dives and they welcome feedback on the product. We have more of a partnership with Fugue than just a vendor relationship. I would highly recommend this product to anyone looking for a great way to scan for Compliance and share these details with teams whether it is SRE, IT or Risk and Compliance focused.
What do you dislike about the product?
Nothing specific at this time - new dashboard reporting coming soon!
What problems is the product solving and how is that benefiting you?
Fugue provides different types of scans related to security industry practices for ease of knowing how to prioritize work for teams.
A Great Fit for Our Compliance Needs
What do you like best about the product?
We are migrating a large production workload from a Managed AWS Provider account to our own AWS accounts. We were in need of a product to ensure our new accounts were configured properly and HIPAA compliant. We evaluated a number of vendors over a few months that provided automated AWS configuration compliance scans. We choose Fugue based on ease of use, feature support, and HIPPA compliance support. We have been using Fugue for a few months now and it has been a great tool that helps us ensure our new AWS accounts are configured securely and stay compliant. In our testing we also found Fugue supported the most HIPAA controls across the various AWS services we use.
The interface is easy to use and understand. Rules seem to be well documented when more understanding or research is required.
The Visualizer tool is a nice bonus. It provides a graphical representation of our AWS accounts. You can zoom in and see your compliance at the object level.
The company seems very responsive to new ideas and feature requests.
The interface is easy to use and understand. Rules seem to be well documented when more understanding or research is required.
The Visualizer tool is a nice bonus. It provides a graphical representation of our AWS accounts. You can zoom in and see your compliance at the object level.
The company seems very responsive to new ideas and feature requests.
What do you dislike about the product?
While HIPAA compliance is our most important control point we would like to see additional compliance offerings like HITRUST.
What problems is the product solving and how is that benefiting you?
We are ensuring our AWS accounts are configured with best practices and that they stay HIPAA compliant.
You can't do cloud security better for cheaper
What do you like best about the product?
Upfront - we (New Light Technologies) are a Fugue partner but this does not color my comments below. We became a partner due to my appreciation for the value Fugue provides.
- Immediate value: as soon as you turn it on Fugue will help you secure your environments and save money. You will learn about resources that you likely are unaware of.
- Visibility: There is no easier way to track what has changed in your cloud environments, across multiple vendors. I've tried other tools and writing my own scripts.
-Trusted insight: When Fugue says your services are or are not compliant with a sec family (e.g. HIPAA, SOC, PCI, etc. ) you can trust their analysis.
-Customer focused - Fugue will work with you if you have needs or ideas that that they have not implemented. Also, their development roadmap is inline with what we, cloud security folks, need. And they are aggressive about releasing new features.
- Immediate value: as soon as you turn it on Fugue will help you secure your environments and save money. You will learn about resources that you likely are unaware of.
- Visibility: There is no easier way to track what has changed in your cloud environments, across multiple vendors. I've tried other tools and writing my own scripts.
-Trusted insight: When Fugue says your services are or are not compliant with a sec family (e.g. HIPAA, SOC, PCI, etc. ) you can trust their analysis.
-Customer focused - Fugue will work with you if you have needs or ideas that that they have not implemented. Also, their development roadmap is inline with what we, cloud security folks, need. And they are aggressive about releasing new features.
What do you dislike about the product?
-Not all services in AWS and Azure are covered: I realize this is a reality of developing software like Fugue and it's not that big of a deal but sometimes we run into a service that is not tracked. When we come across these rare situations, we submit a feature request and Fugue is quick to add the new service coverage.
-Not all of my customers use Fugue: We encounter situations where customers are not Fugue users. This makes getting them compliant tough, and when we are forced to use other products in the market or attempt to validate things on our own, the true value of Fugue becomes apparent.
-Not all of my customers use Fugue: We encounter situations where customers are not Fugue users. This makes getting them compliant tough, and when we are forced to use other products in the market or attempt to validate things on our own, the true value of Fugue becomes apparent.
What problems is the product solving and how is that benefiting you?
-Getting cloud environments safe and compliance with security families like: SOC, PIC, HIPAA, NIST 800-53, etc.
-Ensuring that compliant cloud environments do not deviate from the approved configuration. This is done with drift detection and remediation.
-Discovering the breadth of our cloud accounts via tools like Fugue's Visualizer.
-Ensuring that compliant cloud environments do not deviate from the approved configuration. This is done with drift detection and remediation.
-Discovering the breadth of our cloud accounts via tools like Fugue's Visualizer.
Recommendations to others considering the product:
Give it a try via their free trial. The software sells itself.
showing 101 - 110