Once you have properly configured a server or cloud workload and hardened it against an attack, it’s important to keep it that way. You need to be alerted if an important file changes, or a user account has been added, or an important function like the firewall has been turned off.
THE SOLUTION: CLOUDPASSAGE HALO
CloudPassage Halo is a security and compliance platform that works seamlessly in any combination of dynamic compute environments: data centers, private cloud and public cloud. Halo is delivered as a service, so it’s on demand, fast to deploy, fully automated and works at any scale.
Halo includes file integrity monitoring (FIM) to detect if critical binaries or configuration files have changed on your servers and cloud workloads. Halo FIM has been optimized to work in modern agile IT environments. As servers arebuilt and deployed through automated tool chains, Halo can automatically create or update integrity monitoring baselines, which saves time and produces fewer false-positives than traditional FIM systems.
Halo also monitors server log files for important events that could indicate that your system has been compromised. A key advantage of log-based intrusion detection is that it works in modern IaaS environments where traditional network-based IDS fails. Halo has verylight impact on monitored systems Because only specific, high-value events are monitored by Halo, the massive gathering, storage, and analysis of voluminous events from hundreds or thousands of log files is avoided.
- Fully automated security
- Integrated with DevOps orchestration tools
- Verify system & data integrity
- Detect compromise
- Minimal system impact