CloudPassage Expands Cloud Security Capabilities for Docker, Kubernetes, and Container-Related Services on AWS
July 27, 2020

CloudPassage announced expanded container-related security capabilities for its Halo cloud security platform.

A range of Halo's capabilities have been extended to Docker and Kubernetes environments hosted in public clouds or on-premises, including configuration security assessment, vulnerability management, log event inspection, threat detection, and compliance monitoring. These capabilities support generic Docker hosts, Kubernetes nodes, and AWS Elastic Container Service (ECS) instances. Halo now also provides API-based security posture management (CSPM) for AWS Elastic Kubernetes Service (EKS) and AWS Elastic Container Registry (ECR).

These new features extend the ability of infosec teams to use Halo to maintain security and compliance in dynamic, diverse, and distributed cloud computing environments. The Halo security platform unifies and automates security controls and compliance across servers, containers, and IaaS resources in any mix of public, private, hybrid, and multi-cloud environments.

"Enterprises of all sizes are increasingly using containers to take advantage of the speed, efficiency, portability, and scale benefits they deliver. However, containers' ephemeral nature and ability to run virtually anywhere can create challenges for information security teams tasked with universal computing asset security," said Carson Sweet, CloudPassage CEO and cofounder. "These new features further extend Halo's unified capabilities to address the market need to do more with a single unified platform."

Details of these capabilities include:

- Automatic log event inspection for Docker hosts and Kubernetes nodes that enables event-based intrusion detection, administrative access auditing, and compliance-related event collection (including policy templates)

- Configuration security and compliance monitoring for Docker hosts, ECS instances, Kubernetes nodes, Fargate deployments, and ECR instances (including policy templates)

- File integrity monitoring for Docker hosts, ECS instances, and Kubernetes nodes that enables intrusion detection and configuration drift (including policy templates)

- Network traffic discovery for Docker hosts, ECS instances, and Kubernetes nodes

- Automatic seek-and-scan of Docker images when unknown images launch on monitored Docker and Kubernetes hosts to ensure every running image is scanned and unknown—or "rogue"—images are detected

- Kubernetes-native DaemonSet support automates deployment of the Halo microagent on every Kubernetes node for easy security management (includes Helm chart support)

- Additional enhancements including Halo API updates to include all new capabilities for integration with downstream workflows and a Halo Portal overview dashboard that summarizes and highlights data for container-specific security use cases

Share this

Industry News

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.

November 24, 2020

DataStax released K8ssandra, an open-source distribution of Apache Cassandra on Kubernetes.

November 23, 2020

Spectro Cloud has released a new, self-hosted version of its flagship product, Spectro Cloud.

November 23, 2020

GitLab completed integration of Peach Tech, a security software firm specializing in protocol fuzz testing and dynamic application security testing (DAST) API testing, and Fuzzit, a continuous fuzz testing solution providing coverage-guided testing.

November 23, 2020

Fugue announced the availability of its SaaS product in AWS Marketplace, further simplifying the process for Amazon Web Services customers to use Fugue to bring their environments into compliance quickly, demonstrate compliance at any time, and Shift Left on cloud security.

November 19, 2020

Rollbar announced AI-assisted workflows powered by its new automation-grade grouping engine.

November 19, 2020

Buildkite expanded its integration with GitHub and introduced a new onboarding experience.

November 19, 2020

Rancher Labs launched a new Partner Program for the OEM and embedded community.

November 18, 2020

Puppet announced its evolution to an integrated automation platform to enable key business initiatives such as scaling DevOps, risk reduction, policy as code, and evolving cloud strategies.

November 18, 2020

Adaptavist has joined the GitLab partner program as a Select partner.

November 18, 2020

Postman launched the beta version of public workspaces, a hub that makes it possible for both API producers and consumers to seamlessly communicate and collaborate in real time without team or organizational boundaries.

November 17, 2020

Red Hat introduced new capabilities for Red Hat Enterprise Linux and Red Hat OpenShift intended to help enterprises bring edge computing into hybrid cloud deployments.

November 17, 2020

Humio announced the availability of the Humio Operator.

November 17, 2020

Accurics announced that Terrascan, the open source static code analyzer that enables developers to build secure infrastructure as code (IaC), has been extended to support Helm and Kustomize.