Halo Cortex

Integrations made easy

Halo Cortex is the fastest way for you to start building out your security automation workflows – with minimal impact on development cycles. Halo Cortex helps you make the transition to DevSecOps faster and easier utilizing a centralized set of coordinated integration tools and services that rapidly integrate Halo into your existing CI/CD toolchain.

Halo Cortex was purpose-built for DevOps: many of the tools included are delivered as Docker containers that can be easily transitioned into the toolset you’re already using. Cortex combines many of your most common integrations into one easy-to-implement package and also allows you to interact with Halo through Slack.

As a Halo user, Cortex is readily available to you. You can use Cortex as-is, or your team can extend its functionality by customizing it to meet your specific organizational needs.

What’s included in Halo Cortex:

Donbot

Donbot

Donbot allows users to interact with Halo within the Slack application and supports a number of different interactions just by switching to the #halo channel. Donbot can manage a rolling IP blacklist and workload quarantine, and it notifies you of critical events in your Halo account by placing them in-channel.

 

Halo Celery

Halo Celery

This asynchronous task manager allows multiple users (via Donbot) to interact simultaneously with Halo and prevents long-running queries and reports from interrupting or delaying any user interaction.

Firewall Graph

Firewall-Graph

Firewall-Graph runs on-demand, generating graphical representation of a specific Halo group’s firewall policy.

Scans-to-S3

Scans-to-S3

This component runs daily and ships all scan data from Halo modules to S3 for long-term storage or further analysis. You can use this functionality to meet long-term compliance needs or for deep analysis of historical security information.

Events-to-S3

Events-to-S3

This component runs daily and ships all events, from all modules, from your Halo account to AWS S3 for long-term storage or for further analysis. Similarly to Scans-to-S3 you can use this tool to facilitate deep analysis of historical security data.

EC2-Halo-Delta

EC2-Halo-Delta

EC2-Halo-Delta runs on-demand and creates a CSV file containing a list of all EC2 instances across your AWS accounts that are not protected by a CloudPassage Halo agent. Use Donbot to pull a container image that can be repurposed and run as a daily task from your existing CI tool. CSVs can be delivered to specific Slack groups based on the unprotected instances’ attributes, e.g. AWS account membership, VPC location, regional location, SSH key used in provisioning.

“Halo Cortex is available as community-supported, open-source software under the BSD license. CloudPassage offers support for Halo Cortex alongside CloudPassage Halo.”

Learn more about Halo Cortex

Halo Cortex is available as open-source software under the BSD license. CloudPassage offers support for Halo Cortex alongside the Halo platform. Contact us today to learn more.