Cloud Security and Compliance Resources

White Papers and Reports

Cloud Servers: New Risk Considerations

This white paper from CloudPassage presents specific details on the most pertinent new risks associated with adoption of cloud IaaS. It is based on real world learning, shared by companies we have worked with, to achieve security and compliance in the cloud.

PCI and the Cloud

This white paper provides cloud teams with real-world advice on handling PCI in dynamic cloud hosting environments. It focuses on what cloud engineering teams really need to know, as well as strategies to maximize automation of security and compliance operations.

Understanding the Payment Card Industry Cloud SIG Guidance

Released by the PCI Council in February 2013, the PCI DSS Cloud Computing Guidelines Information Supplement finally sheds some light on how to address PCI DSS compliance concerns within cloud environments. CloudPassage not only contributed to the supplement, but has written its own report to supplement the PCI DSS guidance in an effort to assist businesses in better understanding the new PCI guidelines.

Security and the Cloud 2012

This report reflects the detailed analysis of CloudPassage's 2012 Security and the Cloud survey. Survey respondents were asked a series of questions about their current cloud usage, future deployment plans, and security and compliance related concerns.

451 Research Impact Report: FIM in the Cloud

With its enhanced FIM in the cloud, CloudPassage provides users with the knowledge and assurance that data has not been altered while stored in a cloud environment. Read this report by 451 Research to learn more about CloudPassage Halo and its FIM capabilities.

Solution Briefs

Halo for Ecommerce Compliance

Many organizations under PCI regulations are looking for ways to leverage the cloud, but fear that it will jeopardize their compliance status. Learn how CloudPassage Halo helps make PCI compliance in the cloud possible and easier than you may have ever thought.

Use Cases

Halo for Ecommerce Compliance

CloudPassage Halo provides a quick and easy way for e-commerce companies, to secure all of the organization's cloud servers and help with their regulatory compliance objectives. This paper describes where Halo can be applied and how it can help.

Halo for SaaS Compliance

This paper describes how CloudPassage Halo can help SaaS vendors with both the security and compliance challenges of deploying servers in private, public and hybrid architectures.

Halo for Media Compliance

Media companies are increasingly leveraging cloud architectures to keep up with the fluctuating usage demands of their users. Learn how CloudPassage Halo can help address security and compliance challenges.

Technical Guides

Halo API Developer's Guide

This document is a programmer's guide that describes all server-security operations available to you in the CloudPassage API. In addition, it serves as a detailed reference that includes sample requests, responses, and errors for all supported calls.

Halo for PCI Reference Matrix

PCI and the cloud can be challenging. To make it easier for you, we have created a reference matrix that will help you understand the requirements of the PCI Data Security Standard (PCI-DSS) and how they map to the capabilities of CloudPassage Halo.

Webinars

What You Need To Know About The New PCI Cloud Guidelines

Chris Brenton, Director of Security at CloudPassage and member of the PCI Council's Cloud Special Interest Group (SIG) and Dave Shackleford, VP of Research and CTO at IANS dive into the changes and implications of the new PCI cloud guidance.

Meeting PCI DSS Requirements with AWS and CloudPassage

Carson Sweet, co-founder & CEO at CloudPassage, Ryan Holland, Ecosystem Solutions Architect at AWS, and Philip Stehlik, CTO at Taulia talk about the current security capabilities of AWS and explain how to supplement them with best practices for server deployment and cloud-capable security tools.

PCI and the Cloud

Dave Shackleford (IANS) and Andrew Hay (CloudPassage) discuss how to be PCI compliant in the cloud, why compliance in the cloud is so hard, what the QSA really looks for, and more.

How to Develop Software in the Cloud - Securely

Companies look to develop their software and services in a Cloud-based environment for its convenient and flexible access. However, this convenience and flexibility comes with its own risk. Listen to this pre-recorded webinar as Grant Thornton and CloudPassage discuss how to develop software in the Cloud – securely.

Securing Servers in Public and Hybrid Clouds

Carson Sweet, co-founder and CEO of CloudPassage and Uri Budnik, Director, ISV Partner Program of RightScale discuss why security and compliance are different in the cloud, outline a model for securing cloud-based hosting environments, and explain best practices for implementing a secure cloud infrastructure.