The Halo Platform

Comprehensive security & compliance for any infrastructure, in an easy-to-use, scalable, on demand platform.

icon-security

Security

Protect workloads no matter where they run with a single platform that delivers a broad set of security controls.

icon-compliance

Compliance

Gain instant visibility into and automatically track security posture of servers in scope of regulations – automate compliance with PCI DSS, HIPAA, ISO 27002, and others.

Halo Delivers Critical Controls, Anywhere, On Demand

icon-visibility.svg

Visibility

Immediate & consistent knowledge of server assets, where they are & what they do.

icon-layered-access.svg

Layered Access Control

Strong authentication for authorized access & access policy enforcement.

icon-exposure-protection.svg

Exposure Management

Continuous detection of exploitable vulnerabilities.

icon-compromise-management.svg

Compromise Management

Detection & response to malicious or accidental compromises.

icon-data-protection.svg

Data Protection

Assurance of appropriate protection of data in motion & at rest.

CloudPassage Halo Features

product-platform-diagram

Configuration Security Monitoring
Automatically monitor operating system and application configurations, processes, network services, privileges, and more. Evaluate new and reactivated servers against the latest configuration policies in seconds with almost no CPU utilization.

Multi-Factor Authentication
Halo Multi-Factor Network Authentication enables secure remote network access using two-factor authentication via SMS to a mobile phone, or using a YubiKey® with no additional software or infrastructure. Keep your server ports hidden and secure from the rest of the world while allowing temporary access on demand for authorized users only.

Software Vulnerability Assessment
Halo scans for vulnerabilities in your packaged software rapidly and automatically, across all of your cloud environments – precisely where traditional vulnerability scanning products are unable to operate effectively. With Halo, thousands of server configuration points can be assessed in minutes, helping you to maintain continuous exposure awareness in the cloud.

Workload Firewall Management
Deploy and manage dynamic firewall policies across public, private, and hybrid cloud environments. Build firewall policies from a simple web-based interface, and assign them to groups of servers. Policies update automatically within seconds of server additions, deletions and IP address changes.

Server Access Management
Evaluate who has accounts on which cloud servers, what privileges they operate under, and how accounts are being used. Halo provides a single online management console where you can monitor your servers in public, private and hybrid cloud environments. The convenient user interface makes it easy for you to identify accounts that should have been removed.

File Integrity Monitoring
Protect the integrity of your cloud servers by constantly monitoring for unauthorized or malicious changes to important system binaries and configuration files. File Integrity Monitoring first saves a baseline record of the “clean” state of your cloud server systems. It then periodically re-scans each server instance and compares the results to that baseline. Any differences detected are logged and reported to the appropriate administrators.

Event Logging and Alerting
Halo’s security logging and alerts capabilities detect a broad range of events and system states, alerting you when they occur. The platform allows users to define which events generate logs or alerts, whether they are critical, and who will receive them.

Log-Based Intrusion Detection
Halo LIDS continuously monitors important server log files for events that should not happen; indicating misuse, misconfiguration, or even a compromise. When LIDS detects a suspicious event, the details of the event are collected and inserted into the Halo security events feed, and users are alerted to the suspicious activity.

Orchestration Services

CloudPassage Halo is built on the principles of software-defined security. It is a high speed, scalable platform that provides the automation and orchestration required for dynamic cloud infrastructure. Customers can easily set up automated, hands-free security provisioning for virtual infrastructure that mirrors the capabilities already found in infrastructure orchestration tools, either through the Halo Portal or by using one of the infrastructure orchestration tools widely used today.

Integrations

CloudPassage offers an extensive API and other mechanisms to ease integrations with a range of security and operational solutions.

Operating Systems

  • Linux
  • Windows

Cloud Providers

  • Amazon AWS EC2
  • Google Compute Engine
  • IBM SoftLayer
  • Microsoft Azure
  • Rackspace

Governance, Risk, Compliance Products

  • RSA Archer
  • Arcsight
  • Splunk
  • Sumologic

Compliance Standards

  • PCI
  • SOC2
  • SOX
  • HIPAA

Identity Management

  • Okta
  • OneLogin
  • Ping

Infrastructure Orchestration

  • Chef
  • Puppet

Containers

Want to see Halo in action?

Schedule a live demo to learn what Halo can do for your business.

Schedule Your Demo