From the cloud providers
Introducing AWS CloudFormation Guard 2.0
Guard is a simple, open-source way for you to define constraints (e.g. is volume encrypted). With 2.0, AWS added a number of features to make it much easier to write guard rules -- better validation and testing, more concise and simple rules, a new IN operator, filtering, named rules, and making guard more general purpose (e.g. can be run on Terraform and Kubernetes configurations as well).
Export Google Cloud security data to your SIEM system
How to deploy a unified export pipeline that uses Cloud Pub/Sub and Dataflow to aggregate and stream logs from Cloud Logging, security findings from Security Command Center, and asset changes from Cloud Asset Inventory.
OS configuration management (preview)
Google introduced OS configuration management, which uses OS policies to automate and centralize the deployment, configuration, maintenance, and reporting of software configurations on your virtual machine (VM) instances.