CloudPassage announced today a new release of CloudPassage Halo, the company’s award-winning automated security platform. This enhancement simplifies customers’ compliance efforts, deepens integration to AWS with EC2 metadata, and increases accuracy of known software vulnerabilities detection for the Windows Server platform. These innovations can save security and DevOps teams’ time while advancing the security and compliance posture of workloads in any IT infrastructure.
A common PCI compliance challenge for companies handling credit card data is to ensure card numbers are not accidentally exposed in application log files. This common mistake can cause cascading exposures of credit card numbers in downstream reporting tools, and increases the likelihood that the data will get into the hands of fraudsters and other attackers. A best practice to avoid these issues is to inspect code for configuration errors that can lead to data leaks before the application is deployed, but security practitioners must also have a way to detect these data leaks in production. With this latest release of Halo, credit card numbers can be detected in log files simply by checking a box within Halo’s pre-built policies.
“CloudPassage Halo can now automate detection of credit card numbers in log files,” said Ram Krishnan, Chief Product Officer at CloudPassage. “Automated detection functionality can be enabled in just a few clicks, eliminating the need to create complicated regular expressions to detect these patterns.”
In addition, the latest version of CloudPassage Halo now integrates with AWS EC2 metadata service. Halo users can now use the AWS EC2 instance identifier (as opposed to hostname or IP address) to more easily identify assets needing further investigation or remediation and communicate those issues to the personnel responsible.
“Our customers requested this deeper integration and we listened,” said Krishnan. “We’ve already received positive feedback and have seen many of our customers immediately begin to incorporate the AWS EC2 metadata into their processes to supplement asset inventory information, to facilitate identification and location of affected systems across various business applications and to apply security policy.”
For organizations who build new images rather than remediate in place, the AMI ID is provided so that the source image can be flagged for remediation. In addition, assets can be located and more easily organized in Halo by their AWS EC2 metadata attributes.
In addition, the newest release of Halo now provides more accurate detection of known software vulnerabilities for Windows Server platforms.
Halo users can receive notifications when Windows server instances are deployed with known software vulnerabilities, continuously monitor for new vulnerabilities, and understand how long vulnerabilities have been present within their environment without being remediated. Detailed reports of vulnerable software on individual servers are also available.
Additional enhancements in this new version of Halo are detailed in this CloudPassage blog.