News Articles

CloudPassage is not unlike Nagios, save that it's Linux kernel 2.16+ specific. It's a daemon that connects to the CloudPassage website, for free (other services pending at an actual cost), that checks a configuration for sanity.

Zappos is using host-based distributed firewall management and exposure management tools from CloudPassage—going with what is essentially cloud security as a cloud service. Ozdemir sat down with SearchNetworking.com to discuss the Zappos cloud security strategy.

CloudPassage delivers a server security platform that's been "purpose-built for the cloud". Any company that subscribes to an Amazon EC2, Rackspace, Terremark, Gogrid or other cloud server solution is sharing the responsibility of securing their cloud servers.

CloudPassage came out of stealth mode in January 2011 with a SaaS offering bent on securing cloud servers across various types of clouds, whether they are private, public or hybrid with its Halo platform

Rand Wacker speaks with Cloud Expo Conference Chair Jeremy Geelan.

Guest: Rand Wacker - VP of Products, CloudPassage

TMC's Rich Tehrani speaks with Rand Wacker, Vice President of Product Management at CloudPassage.

Just as you need a trusty alarm system to keep your home as safe as possible, it is imperative to find a trusty cloud security platform that will watch over your servers and prevent breaches. Fortunately, as companies look to move to the cloud, CloudPassage is there to help make the process seamless and secure.

CloudPassage Vice President of Product Management, Rand Wacker talks to the Cloudist.

CloudPassage on Monday announced GhostPorts, a feature of Halo Professional. GhostPorts uses dynamic, time-based host firewall rules with single or two-factor authentication to provide very tight access control to network services.

Cloud server security provider CloudPassage is working with Amazon Web Services (AWS) to provide security to customers within Amazon EC2. CloudPassage has secured a membership in the Amazon Web Services (AWS) Solution Providers Program and through this relationship Amazon EC2 cloud customers will have access to CloudPassage Halo. Lightweight, portable, and elastic, CloudPassage Halo is the only server security platform, purpose-built for the cloud, which delivers multiple layers of defense for cloud servers.

And when it comes to developing cloud applications, there are a whole new set of things to worry about when it comes to security. Carson Sweet, CEO of CloudPassage, talked about some of the security issues when developing for the cloud.

Security is one of the major impediments to enterprises moving their resources into the cloud. So, it's not surprising that numerous cloud security companies are springing up, attempting to address specific cloud security issues, like protecting virtual machines or encrypting data in motion. Here are five up-and-coming companies - some still in stealth mode - that hold a great deal of promise.

NetIQ Cloud Security Service provides a secure proxy for logging into SaaS apps, like Google Apps and Salesforce.com. And CloudPassage embeds a security monitoring and policy enforcement tool into online cloud instances.

Carson Sweet, CEO of CloudPassage and Patrick chat about elastic security in the context of cloud computing. They cover perimeter vs. host security, automatic policy enforcement, and what it means to be purpose built for scale.

Another consideration is that security responsibilities vary across different cloud computing models, says Carson Sweet, CEO of CloudPassage, a software-as-a-service (SaaS) provider. "Customers move to the cloud for flexibility and control," he says. "Just remember that with more flexibility comes more responsibility for security."

Cloud Passage changes the way people think about security should be running in the cloud. Instead of creating a wall around the servers and getting frustrated by an ever-more-nebulous permitter, CloudPassage offers security by monitoring server configurations looking for problems, then shutting down or taking action when questionable behavior is detected. It's the difference between airport security in the U.S. versus Israel.

As it does each year, Dealmaker Media's Under the Radar conference, held April 28 in Mountain View, Calif., showcased some promising startup companies. The theme this time was "Consumerization of the Enterprise," reflecting the clear trend toward the use of consumer devices and cloud services in businesses. Most of the companies showed cloud-service related products. These are companies—carefully selected by Dealmaker Media founder Debbie Landa and her team—that are likely to be serious IT influencers in the months and years to come. Following are short descriptions of 16 of the most impressive companies selected, in alphabetical order, including their headquarters locations and links to their Websites. There's no doubt eWEEK will examine many of these in closer detail in the weeks and months to come.

What's one of the biggest hindrances slowing the migration to cloud computing? Concerns over security, that's what. Companies want to know where their data is, who has access to it and that it's protected. These 20 companies target three key areas for cloud security: security in the cloud, security for the cloud and security from the cloud. Whether it's a managed suite of security services or policy management and Web filtering, these companies guarantee nothing can get in or out unless it's supposed to. From small startups to security stalwarts, this list highlights innovators and mavericks in the cloud security space.

Security as a Service: Is it Safe? In the case of Cloud Passage, there is a very small agent called the Halo Daemon that installs within the organization's hosts, desktops, virtual machines, etc. Which is then used to communicate with their Halo Grid over an encrypted tunnel. The Halo Grid does all the heavy lifting for Service Account Management, Firewall Configuration, Network Access Control and Vulnerability Management. Coming later this year will be IDS/IPS and Forensics components.

Security SaaS provider CloudPassage Inc. has launched a set of security products specifically designed for elastic cloud servers. The offering delivers multiple layers of security for cloud servers, and enables companies to manage their own cloud security via a single solution.

CloudPassage's approach to the problem is an interesting one compared to those of its competitors. It uses SaaS to secure public and private clouds, which allows its product to serve as a virtualized firewall, but also to enforce security policies to servers anchoring both private and public clouds. This hybrid approach will enable delivery of security solutions that meet cloud compliance needs, while still allowing businesses access to clouds.

The eyes and ears of the Halo architecture is the Halo Daemon, which is installed on both the cloud servers and the Halo Grid. The daemon is a 2MB agent that is the two way communication medium to both the server and the host based firewall. Further, the daemon performs the server vulnerability assessments and it does so without violating IaaS agreements by silently gathering security and configuration information about the server for secure transfer back to the Halo Grid. The Halo Grid is the central manager and secure communication pathway for all installed daemons. The grid also performs the heavy compute cycles that are used to continuously monitor and correlate server configurations with security policies and vulnerability assessments.

Judith Hurwitz, president and CEO of Hurwitz & Associates, a strategy consulting, market research and analyst firm, says she is impressed with CloudPassage. "It appears that they are focused on some difficult problems with cloud security. Cloud security is complicated because of issues related to how and what individuals and groups can access, based on roles and authorization. In addition, you have compliance issues related to geographies and data location."

The approach CloudPassage takes with its grid computing infrastructure and daemons isn't new, but its application to Infrastructure as a Service is unique, said Ted Ritter, senior research analyst with Mokena, Ill.-based Nemertes Research Group Inc. "They're essentially building a cloud-based security service for cloud-based services," he said.Enterprise adoption of cloud computing-- particularly IaaS -- remains relatively low, Ritter said. "Roughly less than 10% are doing IaaS in anything other than dipping their toes in the water," he said. "Security and privacy are the top reasons they're not doing it."

On the day CloudPassage emerged to announce their Cloud security solutions, TechWorld.com published an article, Digital black market offers cheap botnets for hire[3] reporting that for as little as $2 you can buy botnets to launch a spam campaign or purchase stolen credit card information; two of the security risk scenarios that the new products Halo SVM and Halo Firewall are specifically designed to protect against.

Every day for the last week or so after their launch, I've been asked left and right about whether I'd spoken to CloudPassage and what my opinion was of their offering. In full disclosure, I spoke with them when they were in stealth almost a year ago and offered some guidance as well as the day before their launch last week.Disappointing as it may be to some, this post isn't really about my opinion of CloudPassage directly; it is, however, the reaffirmation of the deployment & delivery models for the security solution that CloudPassage has employed. I'll let you connect the dots…

One early customer of CloudPassage's newly released products is Foursquare, a location-based social networking site with five million users globally. The East Village, New York-based company's senior operations engineer, David Birdsong, likes that CloudPassage's security technology delivers firewall rules directly to the host server. "If we ever decide to move either to a hybrid or completely off Amazon (AWS) in the future, we don't have to rethink how we are going to firewall our host server because it's built into the demon," said Birdsong. Being a company with a small operations team, Birdsong said Halo SVM lets the IT team easily audit server installations through a running dashboard. Birdsong also appreciates the usability of the software, which he describes as "obvious" in terms of functionality. Other such systems, he said, are "bare bones frameworks that you must curtail to how you want to use it."

Security and privacy will continue to be a critical priority for us as we dramatically increase the number of users and venues that Foursquare serves," Foursquare senior operations engineer David Birdsong said in a statement. "We need server security that includes nonstop vulnerability management and firewalling – and we need it to automatically keep up with our cloud environment. We have been impressed with the accuracy and performance of CloudPassage, and it has taken very little time to deploy and manage.

Server exposure assessment, configuration compliance monitoring, and network access control. CloudPassage, a security SaaS provider, has introduced the Halo SVM (Server Vulnerability Management) and Halo Firewall products, the server security and compliance products purpose-built for elastic cloud environments. These new products provide accurate server exposure assessment, configuration compliance monitoring, and network access control by automating the practices for securing servers in public and hybrid clouds.

Whenever a survey, whitepaper, or other industry research comes out evaluating cloud computing, most of the attributes of this trend-setting style of IT receive a ton of praise. However, if there is a hesitation on a potential customer's part about investing capital into such a system, the No. 1 point of contention is invariable: security. If it's outside your firewall, logic says, it's out of your control. God knows what can happen to precious business data in the care of someone else who doesn't care about it as much as you have to. Now there is something new to be considered. If a new startup, CloudPassage, is to believed -- and it indeed states a strong case -- those security issues may soon become history.

The Ogren Group believes that CloudPassage is on the right track. Enterprise applications are evolving from customer premise-based services to hybrid environments and public clouds, yet the evolution of static security perimeters and scheduled vulnerability management isn't evolving at the same pace. Placing the burden of analysis in the cloud as a SaaS allows CloudPassage to avoid distribution overhead to servers while assessing vulnerability information, server configurations, and customer policies for each server (and there will be plenty of opportunity to add additional security computations).

A year-old Silicon Valley SaaS start-up called CloudPassages broke cover Wednesday claiming that it can do what other security companies have failed to do and that's protect elastic cloud servers. It'll get off the ground by offering its base technology for free. The company's purpose-built widgetry is supposed to work with anybody's cloud - public or hybrid - and anybody's virtualization. It says hypervisors are irrelevant. Currently it works on Linux servers - any Linux server; Windows servers should follow by the end of the year.

CloudPassage Inc. introduced two security products for elastic cloud environments. Halo SVM addresses server vulnerability management with assessments and configuration of user servers. Halo Firewall is built to control server attacks by centralizing and automating host-based firewall management, enabling customers with unified, cloud policy management from a Web-based front end.

According to Neil MacDonald, VP and Gartner Fellow, the number one concern preventing enterprises from adopting public cloud computing is security. "As organizations shift workloads to cloud-based providers, it is imperative that security isn't weakened," he said. "Like on-premises workloads, organizations need to minimize attack surfaces, patch vulnerable software and ensure security configurations are maintained as workloads move to the cloud. However, unlike on-premises workloads, security policy enforcement in the cloud must be enforceable regardless of location and scalable elastically to potentially thousands of hosts."

Security firm CloudPassage, in stealth mode until today, hopes to build itself a market through helping enterprises reign in their firewall and system configuration of cloud servers. The company claims its Halo SVM (Server Vulnerability Management) and Halo Firewall are the first server security and compliance services built specifically for elastic clouds. "The goal is to help organizations enforce good server security and configuration management in the cloud," says Carson Sweet, company co-founder and CEO.

Many organizations that have moved applications into the cloud have not really addressed the need for security even though the service providers strongly suggest implementing firewalls and other security measures. The dynamic nature of their cloud implementations make it rather difficult to track virtual servers and make sure that they are all properly protected. CloudPassage appears to be in the very beginning of launching a number of security products designed to address that business need. So are, of course, just about every other security software supplier I've spoken to. CloudPassage appears to have some very innovative ideas. It is a company that I'm going to track over the coming years.

CloudPassage has emerged from stealth mode bent on one thing: securing elastic cloud servers. 'Elasticity requires a different security model,' CloudPassage VP of Marketing Brent Bilger said. 'We provide security for companies using IaaS' like Amazon (NSDQ:AMZN) EC2, Rackspace, GoGrid and others. The cloud computing paradigm introduces myriad new security concerns and the elasticity and multi-tenant nature of the cloud requires security policy to be enforced regardless of location.

CloudPassage's new Halo architecture for securing cloud servers uses a lightweight, 2 MB daemon that runs on the server and connects them to the Halo's grid. "We provide the elastic cloud that does the heavy-lifting for all the daemons," says Carson Sweet, co-founder and CEO of CloudPassage. " Very little computing is done on the individual servers, which preserves the performance of the VMs themselves."

Security start-up CloudPassage is offering two free services to protect cloud-based virtual servers by maintaining firewall policies and also checking for software vulnerabilities. Later this year the company will add advanced features to these services and charge for them as well as offer other paid services such as intrusion detection, but it is offering these initial services free to attract customers. Low-cost SSL proxy could bring cheaper, faster security; defeat threats like FiresheepThe services are designed for businesses that hire public cloud providers for infrastructure as a service and want to simplify security and vulnerability management.

CloudPassage today formally launched a free firewall security platform that dynamically scales as customers provision and de-provision servers in the cloud. According to CloudPassage CEO Carson Sweet, the Halo firewall products and server vulnerability management platform is the first security platform designed specifically to handle the elastic nature of cloud computing environments.

CloudPassage Inc., a maker of security software, is expected to launch its service to the public on Wednesday. The Menlo Park, Calif.-based start-up is launching its first two products, Halo SVM and Halo Firewall, built to assist companies in making virtual machines more secure. Traditional vulnerability assessment and management products can hamper hardware performance leading many companies to go without, said Carson Sweet, the company's co-founder and chief executive. That becomes a problem as servers replicate frequently in a cloud environment, compounding vulnerabilities, he said.

CloudPassage, Inc., a pioneering security SaaS company unveiled the industry's first and only products specifically designed from the ground up to provide security for elastic cloud servers. The new products will allow companies to manage their own cloud security by leveraging a single solution that is purpose-built for the cloud and delivers multiple layers of defense for cloud servers.

A new cloud security startup has emerged from stealth mode today, unveiling solutions specifically designed from the ground up to provide security for elastic cloud servers. CloudPassage, headquartered in Menlo Park, California, is looking to help companies manage their own cloud security by offering a single, purpose-built solution for the cloud that delivers multiple layers of defense for cloud servers.

CloudPassage has developed products built specifically to provide multiple layers of security for cloud servers. "Servers in the cloud need to be self-protecting and autonomous to survive the higher exposure level to threats and vulnerabilities," said Srivats Sampath, founder and former CEO of McAfee.com, and an investor in CloudPassage.

A recent discussion with a cloud startup called CloudPassage has given me pause to reconsider some of the ancillary security issues that are being discovered as a result of the use of cloud computing . Are there security issues with cloud computing? Yes. Are they enabled (or made worse) because of cloud computing models? Yes. Does that mean cloud computing is off-limits? No. It still comes down to proper security practices being extended into the cloud and potentially new architectural-based solutions for addressing the limitations imposed by today's compute-on-demand-focused offerings.

On this week's episode of Cloud Cover TV, new Infrastructure as a Service provider NephoScale takes on Amazon Web Services while Rackspace finds an OpenStack customer and cloud security startup CloudPassage comes out of stealth mode.