IaaS THREAT PREVENTION AND COMPLIANCE
Halo Cloud Secure gives you confidence in threat prevention and compliance for IaaS environments including AWS and Azure
IaaS Threat Prevention and Compliance Need the Right Tools
Datacenter migrations, cloud-native application development, and serverless application architectures are just a few of the use cases driving enterprises to adopt public IaaS. Cloud infrastructure services like AWS and Microsoft Azure provide seemingly limitless speed, scale, and distribution for a wide variety of application infrastructure.
The business benefits to digitally-driven enterprises are clear, but security teams without the right tools are left struggling with basic issues like asset and risk visibility. Just one compromise is all it takes to wipe out the value of cloud adoption.
Designed for IaaS environments
We built Cloud Secure explicitly to give security teams automated and up-to-date awareness of assets, threat exposures, and compliance concerns across all their public cloud infrastructure environments. Cloud Secure is built on the Halo platform, so it delivers the same level of integration, automation, scale and speed as our other workload protection solutions. The common Halo platform also means true integration across capabilities, so you don’t have to integrate multiple products – or wait for other vendors to integrate their own point solutions.
How it Works
Enterprise-class features make IaaS protection easy while delivering flexibility and control.
Built to be fast and easy to set up by leveraging IaaS provider mechanisms. Through a simple read-only role, you can enable Cloud Secure to evaluate your AWS or Azure environment in minutes. For enterprises with many IaaS accounts, API automation can set up hundreds or even thousands of accounts easily. Depending on the size of the account, you will have full inventory and assessment results within five to fifteen minutes.
Every enterprise adopts IaaS for its own reasons and every use case comes with new workload protection requirements.
Your enterprise might use IaaS to gain development agility, optimize cost structures, or to decentralize application development and ops. Or perhaps you’re with a cloud-native startup that’s in the cloud because it was born there. Whatever the reason, here are some of the most commonly seen use cases for Halo Cloud Secure.
Cloud Secure's features give security engineering teams the capabilities to handle IaaS security and compliance quickly and easily at any scale.
Halo Cloud Secure is continually evolving based on feedback from our customers, including some of the largest and most sophisticated cloud deployments on the planet. Here are a few of the features that make Halo Cloud Secure a high-value solution:
For a complete inventory of all Halo Cloud Secure features and capabilities, please download the Halo Cloud Secure technical brief.
- Fully automated asset inventory across any number of IaaS environments
- Continuous security and compliance evaluation of IaaS accounts, services, and resources
- Detailed issue resolution advice via UI or REST API, including full technical details of expected and identified state in JSON format
- Exhaustive library of customizable technical rules and policies supporting common technical standards needed for compliance with PCI DSS, SysTrust/SOC 2, HIPAA, and other regulatory requirements
- Delivery of JSON issue data to asset owners via AWS SQS, enabling system owners to automate resolution of critical exposures
- Automatic collection and integration of cloud service provider metadata (including user-defined tags) to make operations easier
- Built on the Halo platform to provide one consistent interface, data model, REST API, and integration strategy for public IaaS assets as well as server-based and containerized assets
Halo Cloud Secure supports a broad set of Amazon Web Services and Microsoft Azure services that are frequently deployed in modern application stacks.
CloudPassage constantly adds new public IaaS services and related rules and policies to support the most frequently deployed cloud infrastructure. If you don’t see a service that you need, contact us to ask – it might be right around the corner.
Amazon Web Services
- API Gateway
- Elastic Compute Cloud (EC2)
- Elastic Load Balancing (ELB)
- Identity and Access Management (IAM)
- Key Management Service
- Lambda Serverless Compute
- Relational Database Service (RDS)
- Route 53
- Simple Storage Service (S3)
- Virtual Private Cloud (VPC)
- Application Gateway
- App Service
- Active Directory
- SQL Servers
- Virtual Network
* Halo Cloud Secure support for Google Cloud Platform is scheduled for 2020.