CloudPassage, a recognized leader in cloud computing security and compliance, announced expanded container-related security capabilities for its award-winning Halo cloud security platform. A range of Halo’s capabilities have been extended to Docker and Kubernetes environments hosted in public clouds or on-premises, including configuration security assessment, vulnerability management, log event inspection, threat detection, and compliance monitoring. These capabilities support generic Docker hosts, Kubernetes nodes, and AWS Elastic Container Service (ECS) instances. Halo now also provides API-based security posture management (CSPM) for AWS Elastic Kubernetes Service (EKS) and AWS Elastic Container Registry (ECR).
These new features extend the ability of infosec teams to use Halo to maintain security and compliance in dynamic, diverse, and distributed cloud computing environments. The Halo security platform unifies and automates security controls and compliance across servers, containers, and IaaS resources in any mix of public, private, hybrid, and multi-cloud environments.
“Enterprises of all sizes are increasingly using containers to take advantage of the speed, efficiency, portability, and scale benefits they deliver. However, containers’ ephemeral nature and ability to run virtually anywhere can create challenges for information security teams tasked with universal computing asset security,” said Carson Sweet, CloudPassage CEO and cofounder. “These new features further extend Halo’s unified capabilities to address the market need to do more with a single unified platform.”
Details of these capabilities include:
- Automatic log event inspection for Docker hosts and Kubernetes nodes that enables event-based intrusion detection, administrative access auditing, and compliance-related event collection (including policy templates)
- Configuration security and compliance monitoring for Docker hosts, ECS instances, Kubernetes nodes, Fargate deployments, and ECR instances (including policy templates)
- File integrity monitoring for Docker hosts, ECS instances, and Kubernetes nodes that enables intrusion detection and configuration drift (including policy templates)
- Network traffic discovery for Docker hosts, ECS instances, and Kubernetes nodes
- Automatic seek-and-scan of Docker images when unknown images launch on monitored Docker and Kubernetes hosts to ensure every running image is scanned and unknown—or “rogue”—images are detected
- Kubernetes-native DaemonSet support automates deployment of the Halo microagent on every Kubernetes node for easy security management (includes Helm chart support)
- Additional enhancements including Halo API updates to include all new capabilities for integration with downstream workflows and a Halo Portal overview dashboard that summarizes and highlights data for container-specific security use cases
Security Blueprint: Automating Security Controls in Kubernetes Environments How-to Guide
To help Infosec address the security and compliance challenges cloud-based container architectures create, CloudPassage has published a Security Blueprint that discusses the layers of the Kubernetes stack and provides best practices for securing each layer. Download the Automating Security Controls in Kubernetes Environments security blueprint.
Fidelis Cybersecurity combats the full spectrum of cyber-crime, data theft and espionage. A leading provider of threat detection, hunting and response solutions, Fidelis provides full visibility across hybrid environments, automates threat and data theft detection, empowers threat hunting, and optimizes incident response with context, speed and accuracy. Fidelis is trusted by Global 1000s and Governments as their last line of defense.
The Fidelis Elevate® platform captures rich metadata from across the threat landscape and combines that content to enable real-time and retrospective analysis, giving security teams the platform to effectively hunt for threats in their environment.
For more information go to www.fidelissecurity.com. Fidelis Cybersecurity is a portfolio company of Skyview Capital.