CloudPassage Expands Cloud Security Capabilities for Docker, Kubernetes, and Container-related Services on AWS

SAN FRANCISCO, July 21, 2020 /PRNewswire/ -- CloudPassage, a recognized leader in cloud computing security and compliance, announced expanded container-related security capabilities for its award-winning Halo cloud security platform. A range of Halo's capabilities have been extended to Docker and Kubernetes environments hosted in public clouds or on-premises, including configuration security assessment, vulnerability management, log event inspection, threat detection, and compliance monitoring. These capabilities support generic Docker hosts, Kubernetes nodes, and AWS Elastic Container Service (ECS) instances. Halo now also provides API-based security posture management (CSPM) for AWS Elastic Kubernetes Service (EKS) and AWS Elastic Container Registry (ECR).

These new features extend the ability of infosec teams to use Halo to maintain security and compliance in dynamic, diverse, and distributed cloud computing environments. The Halo security platform unifies and automates security controls and compliance across servers, containers, and IaaS resources in any mix of public, private, hybrid, and multi-cloud environments.

"Enterprises of all sizes are increasingly using containers to take advantage of the speed, efficiency, portability, and scale benefits they deliver. However, containers' ephemeral nature and ability to run virtually anywhere can create challenges for information security teams tasked with universal computing asset security," said Carson Sweet, CloudPassage CEO and cofounder. "These new features further extend Halo's unified capabilities to address the market need to do more with a single unified platform."

Enhancement Details
Details of these capabilities include:

    --  Automatic log event inspection for Docker hosts and Kubernetes nodes
        that enables event-based intrusion detection, administrative access
        auditing, and compliance-related event collection (including policy
    --  Configuration security and compliance monitoring for Docker hosts, ECS
        instances, Kubernetes nodes, Fargate deployments, and ECR instances
        (including policy templates)
    --  File integrity monitoring for Docker hosts, ECS instances, and
        Kubernetes nodes that enables intrusion detection and configuration
        drift (including policy templates)
    --  Network traffic discovery for Docker hosts, ECS instances, and
        Kubernetes nodes
    --  Automatic seek-and-scan of Docker images when unknown images launch on
        monitored Docker and Kubernetes hosts to ensure every running image is
        scanned and unknown--or "rogue"--images are detected
    --  Kubernetes-native DaemonSet support automates deployment of the Halo
        microagent on every Kubernetes node for easy security management
        (includes Helm chart support)
    --  Additional enhancements including Halo API updates to include all new
        capabilities for integration with downstream workflows and a Halo Portal
        overview dashboard that summarizes and highlights data for
        container-specific security use cases

Security Blueprint: Automating Security Controls in Kubernetes Environments How-to Guide
To help infosec address the security and compliance challenges cloud-based container architectures create, CloudPassage has published a security blueprint that discusses the layers of the Kubernetes stack and provides best practices for securing each layer. Download the Automating Security Controls in Kubernetes Environments security blueprint.

For More Information about CloudPassage Halo
For details on the Halo unified cloud security platform and its Cloud Security Posture Management (CSPM), Cloud Workload Security Platform (CWPP) and container security services visit:

Automating Security Controls in Kubernetes Environments Security Blueprint

Containerization and Container Orchestration Protection Blog

Securing Kubernetes Blog

Halo Container Secure

Halo Server Secure

Halo Cloud Secure

Halo Unified Platform Overview

About CloudPassage
CloudPassage® safeguards cloud infrastructure for the world's best-recognized brands in finance, e-commerce, gaming, B2B SaaS, and digital media. The CloudPassage Halo® platform unifies security and compliance across servers, containers, and IaaS resources across any mix of public, private, hybrid, and multi-cloud environments. Halo's extensive automation capabilities streamline and accelerate workflows between InfoSec and DevOps. CloudPassage is widely recognized as a cloud security pioneer, with ten patents granted since the first generation of the Halo platform launched in 2011.

View original content to download multimedia:

SOURCE CloudPassage