Cloud Secure is the cloud security posture management (CSPM) component of the Halo cloud security platform. It automates security and compliance management for critical assets hosted in public clouds, both as a standalone service or in concert with Halo’s server and container security capabilities.
In just minutes, Halo Cloud Secure gives you full visibility into the security and compliance posture of your entire cloud environment and opens the door to fast, consistent, automated remediation workflows. Cloud Secure is the means to establish and maintain a strong IaaS security posture—automatically.
Automatically discovers and inventories dozens of IaaS services and resources for comprehensive infrastructure visibility
Assesses cloud accounts, services, configurations, and resources for adherence to security and compliance best-practices with pre-built rules
Monitors cloud accounts, assets, and events to detect security and compliance risks introduced by innocent changes or malicious activity
Provides detailed issue evidence and remediation guidance, automatically detecting and reporting resolved issues
No static rulesets that change without notice with Halo’s CSPM capabilities—unlike the alternatives. Cloud Secure provides comprehensive policy and rule templates along with very easy, flexible policy management features.
When rules are applied, the raw data collected from IaaS APIs, manual auditing instructions, rationale for best-practices, and explicit remediation guidance are delivered alongside every rule.
Security and compliance rules that support over 50 IaaS assets you simply clone into your Halo environment for use and assignment
Library of policies and rules based on Center for Internet Security (CIS) benchmarks and support for PCI, HIPAA, SysTrust/SOC 2, and more
Every policy and rule can be customized for specific company, business unit, and application standards by approved administrative users
Import existing rules and policies—or export versions you have defined in Halo—as JSON, via the Halo portal or REST API
When CloudPassage releases new content, just copy new rules you need into your existing policies—no need to start over
Implement version control and manage policy distribution and updates with tools like git using the Halo REST API
Restrict policy visibility and management to specific business units or application teams without risk of affecting others
Cloud Secure delivers truly actionable data in truly actionable ways. Our CSPM automatically aggregates, normalizes, correlates, and enriches data from cloud service provider metadata (including user-defined tags) across different IaaS providers, delivering seamless functionality and intelligence.
All data available via JSON for easy consumption by downstream tools like SIEM, SOAR, GRC, operational workflow tools
All functions available to your custom integrations, our off-the-shelf integrations, or to open-source integration code
Mobilize Halo intelligence however your ops team wants it—emails, CSV exports, Reports, message queue delivery
Combine and stack 34 data features into sophisticated operational and workflow views for seamless communications
Halo Cloud Secure uses lightweight API connectors to your cloud providers’ native APIs to discover, inventory, assess, and monitor cloud assets for issues related to security and compliance posture.
API connectors automatically collect and stream data to the efficient, transparently scalable Halo cloud, which analyzes the data for security and compliance.
The API is lightweight and designed to have little to no impact on your environment—like all Halo sensors.
No deployment and management of additional compute or data resources are required.
Simply configure Cloud Secure with read-only IaaS access and all the rest is automated.
API connectors are proxy-aware and require no changes to your network environment.
Continuous monitoring can be fine-tuned by asset type, to optimize IaaS platform API resources.
Halo’s CSPM component makes your IaaS audits faster, easier, more successful, and less frustrating.
InfoSec and system owners can address compliance problems as they’re discovered, not during an audit or last-minute fire drill.
Halo puts all compliance data in one place, from cloud asset population to configuration findings to remediation records.
Halo Cloud Secure provides a non-tamperable record of technical and operational compliance for your IaaS environments.
All data is easy to query, export, and report on for auditors via the Halo UI or the Halo API for compliance audits.
DevOps and InfoSec won’t lose time trying to find months-old data or locked in a room explaining technical details.
Many cloud security “suites” are mashups of old technology that require separate licensing, deployment, administration, and maintenance. Some even require that you purchase their legacy technologies or additional features that should be included to make their “next-generation” technology operate. Unlike “free” IaaS provider tools that don’t provide parity in their competitors’ clouds, Halo works across CSPs.
Halo was designed from the ground up to be a truly unified solution. The Halo Cloud Security Posture Management (CSPM) service uses the same API connectors, microagents, console, API, policy engine, data model, and analytics engine as our Cloud Workload Protection Platform (CWPP) and Container Security services.