Halo® SDSec for Cloud Infrastructure

Halo was purpose-built to automate infrastructure security & compliance in private clouds, public IaaS, and hybrid/multi-cloud hosting environments.

The Halo SDSec platform uses the power of elastic compute and big-data analytics to automate a wide range of security & compliance controls directly to virtual machine instances hosted in any cloud infrastructure environment.

At the heart of the Halo platform is a security analytics engine that contains policies and logic to implement a number of monitoring and enforcement controls. These controls are modular and can be activated and deactivated as needed.

Based on customer policies and settings, Halo's control modules interact with a small VM-based agent (6 MB) to collect workload status and event information in near real time. The Halo security analytics engine continuously analyzes information about individual VMs and the state of the overall infrastructure environment. The analytics engine makes and implements decisions such as automated policy changes, alert generation, intrusion containment actions, etc.

Get the Halo Technical Brief

Halo Modules & Features

Halo offers extensive capabilities meeting protection needs and satisfying requirements of PCI DSS, HIPAA, ISO 27002, and other compliance standards.

Security teams are now faced with multiple cloud infrastructure environments, each with its own set of risks, capabilities, and technical constraints. The Halo SDSec platform offers these teams the ability to consolidate controls into one central, automated environment that works seamlessly across any mix of infrastructure and at any scale.

Halo eliminates the complexities of managing a large number of point solutions across diverse and widely distributed environments. And because Halo's architecture implements the principals of SDSec, the resulting consolidated control environment is automated, orchestrated, transparently scalable, and abstracted from hardware, topology & other physical factors.

Workload Firewall Management

Workload Firewall Management

Deploy and manage dynamic firewall policies across public, private, and hybrid cloud environments. Build firewall policies from a simple web-based interface, and assign them to groups of servers. Policies update automatically within seconds of server additions, deletions and IP address changes.

Multifactor Network Authentication

Halo Multifactor Network Authentication enables secure remote network access using two-factor authentication via SMS to a mobile phone, or using a YubiKey® with no additional software or infrastructure. Keep your server ports hidden and secure from the rest of the world while allowing temporary access on demand for authorized users only.

multi-factor authentication

configuration security monitoring

Configuration Security Monitoring

Automatically monitor operating system and application configurations, processes, network services, privileges, and more. Evaluate new and reactivated servers against the latest configuration policies in seconds with almost no CPU utilization.

Software Vulnerability Assessment

Halo scans for vulnerabilities in your packaged software rapidly and automatically, across all of your cloud environments–precisely where traditional software scanning products are unable to operate effectively. With Halo, thousands of server configuration points can be assessed in minutes, helping you to maintain continuous exposure awareness in the cloud.

software vulnerability assessment

file integrity monitoring

File Integrity Monitoring

Protect the integrity of your cloud servers by constantly monitoring for unauthorized or malicious changes to important system binaries and configuration files. File Integrity Monitoring first saves a baseline record of the "clean" state of your cloud server systems. It then periodically re-scans each server instance and compares the results to that baseline. Any differences detected are logged and reported to the appropriate administrators.

Server Account Management

Evaluate who has accounts on which cloud servers, what privileges they operate under, and how accounts are being used. Halo provides a single online management console where you can monitor your servers in public, private and hybrid cloud environments. The convenient user interface makes it easy for you to identify accounts that should have been removed.

account management

event logging and alerting

Event Logging and Alerting

Halo's security logging and alerts capabilities detect a broad range of events and system states, alerting you when they occur. The platform allows users to define which events generate logs or alerts, whether they are critical, and who will receive them.


Halo's REST API provides full automation of your cloud deployments and lets you integrate your security platform with your other systems. Once installed, Halo can automatically monitor security compliance rules across thousands of systems.


Get the Halo Technical Brief

Integration Capabilities

As a purpose-built security automation platform for the cloud, Halo integrates with any cloud platform or cloud service provider, and features a REST API that allows integration with automation tools and security systems.

As new cloud servers are created, Halo seamlessly integrates, without extra provisioning from a security or operations team. All policies are updated and applied completely automatically within the platform.

With one central point of visibility, Halo allows true on-demand use of infrastructure-as-a-service and the benefits of fully automated operations, whether deployed in public, private, or hybrid cloud environments.

Learn More