Verify continuous compliance in the cloud

Move past legacy security challenges & maintain compliance in the cloud

Cloud security compliance challenges

As cyber threats grow in frequency and in complexity, enterprises are under constant pressure to ensure their cloud-based workloads and containers are in compliance with regulations like PCI DSS, HIPAA, SOC2, and SOX. But maintaining continuous visibility into the compliance postures of servers, workloads and containers in modern cloud environments is a significant challenge. Traditional security and compliance tools do not function well in agile environments because they are not built to handle rapid scaling, cloud-based ephemeral workloads, and consumption-based pricing models. Legacy tools are unable to keep pace, leaving significant gaps in coverage.

Specifically, problems can include:

  • Traditional controls do not operate continuously, which means they can completely miss seeing ephemeral workloads that spin up and down rapidly in the cloud.
  • To get high-quality detections, network scanners require that credential-based authenticated scanning be performed on endpoints. But managing credentials is a laborious effort when systems are constantly changing.
  • Traditional host-based security products and log management products are slow to deploy, causing security to be a bottleneck.

The solution

The CloudPassage® Halo® security and compliance automation platform solves all of these challenges. Halo provides businesses the easiest, most automated way to verify continuous server compliance in cloud environments.

Working in any combination of cloud or hybrid infrastructure (public cloud, private cloud, hybrid, multicloud, or virtualized data center including bare metal), Halo provides continuous visibility and compliance as a service. Workloads can be assessed both in the CI/CD process as images are created and in runtime environments, immediately as they are deployed and continuously thereafter.

Halo consolidates your traditional compliance controls into a single platform

Within a single platform, Halo provides several different types of controls that are typically needed to comply with regulations like PCI DSS, HIPAA, SOC2, and SOX:

  • Software Vulnerability Assessment (SVA)
  • Configuration Security Monitoring (CSM)
  • Server Account Monitoring (SAM)
  • File Integrity Monitoring (FIM)
  • Log-based Intrusion Detection (LIDS)

Halo for Compliance


HIPAA (Health Insurance Portability and Accountability Act) is legislation that requires data privacy and security provisions for organizations to safeguard any medical information. Halo allows for HIPAA compliance through automated policy implementation.


The Service Organization Control (SOC) reporting framework for SOC 2, Type 2, is designed for technology and cloud computing organizations, and CloudPassage has been audited against it. The SOC 2 report – which concentrates on a business’s non-financial reporting controls as they relate to security, availability, processing integrity, confidentiality, and privacy of a system – is available to customers to meet a wide range of US and international auditing requirements.


The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards. As overseen by the PCI Standards Council (SSC), CloudPassage places stringent controls around cardholder data as both a service provider and merchant.

“The old adage was ‘You can go fast, or you can be secure.’ With Halo, we can be both fast and secure.”