Halo Cortex

Integrations made easy

Halo Cortex is the fastest way for you to start building out your security automation workflows – with minimal impact on development cycles. Halo Cortex helps you make the transition to DevSecOps faster and easier utilizing a centralized set of coordinated integration tools and services that rapidly integrate Halo into your existing CI/CD toolchain.

Halo Cortex was purpose-built for DevOps: many of the tools included are delivered as Docker containers that can be easily transitioned into the toolset you’re already using. Cortex combines many of your most common integrations into one easy-to-implement package and also allows you to interact with Halo through Slack.

As a Halo user, Cortex is readily available to you. You can use Cortex as-is, or your team can extend its functionality by customizing it to meet your specific organizational needs.


Donbot allows users to interact with Halo within the Slack application and supports a number of different interactions just by switching to the #halo channel. Donbot can manage a rolling IP blacklist and workload quarantine, and it notifies you of critical events in your Halo account by placing them in-channel.

Halo Celery

This asynchronous task manager allows multiple users (via Donbot) to interact simultaneously with Halo and prevents long-running queries and reports from interrupting or delaying any user interaction.

Firewall Graph

Firewall-Graph runs on-demand, generating graphical representation of a specific Halo group’s firewall policy.


This component runs daily and ships all scan data from Halo modules to S3 for long-term storage or further analysis. You can use this functionality to meet long-term compliance needs or for deep analysis of historical security information.

Participate in Independent Cloud Security Research and Get Access to Industry Reports

Take part in one or more of our surveys and let your voice be heard​