CloudPassage®, a leading cloud infrastructure security company, announced today the availability of the CloudPassage Halo App for Splunk Enterprise. The app enables Splunk® Enterprise 6 and CloudPassage users to collect 80 unique security event types across complex cloud infrastructure and analyze and correlate the data with other machine data indexed in Splunk Enterprise.
“The CloudPassage Halo App for Splunk Enterprise makes it easier to find more actionable insights about the environment,” said Drew Daniels, head of security, compliance and privacy at ClearSlide. “The ability to get real-time information that’s customizable for our cloud environment is incredibly useful and allows us to be much more efficient with our compliance efforts.”
The CloudPassage Halo App for Splunk creates a seamless experience for end users with the ability to create unique dashboards for insights only possible when pairing Halo’s massive event data with Splunk Enterprise’s ability to correlate and analyze. The app also allows users to geo-locate login attempts and cloud computing instances on any cloud provider anywhere in the world.
“The CloudPassage Halo App for Splunk Enterprise provides Splunk users with rich cloud security event data that is otherwise elusive and obscured in cloud environments,” said Bill Gaylord, senior vice president of business development of Splunk. “Organizations are seeking greater transparency into their cloud environments, and we are pleased to team up with CloudPassage to shine a light on this data and allow organizations to enhance their security posture by correlating additional cloud security data with machine data from across the organization.”
For more details on the correlations and dashboards possible with the CloudPassage Halo App for Splunk visit the CloudPassage Security Blog.
CloudPassage’s Halo technology monitors 80 unique events to deliver critical infrastructure information, including changes to firewalls, access and File Integrity Monitoring (FIM). The correlation of Halo-generated events provides user with more insight and actionable information about potential security issues, including the ability to create dynamic dashboards for everything from viewing events by policy to analyzing violations per server.
“The dynamic nature of the cloud presents huge obstacles for organizations that are looking to benefit from cloud infrastructure. These massively scalable, distributed environments break traditional security models. Halo is a massively distributed solution that when combined with Splunk Enterprise provides insights that can’t be seen with any other tool,” said Carson Sweet, CEO of CloudPassage.
The CloudPassage Halo App for Splunk Enterprise is also available on the CloudPassage ToolBox on GitHub.