What the Apache Struts vulnerability means for you

This post was originally published here by cliff turner. Unless you’ve been avoiding the news lately, you’ve likely heard about a few major breaches and the Apache Struts vulnerabilities associated with them. Apache Struts 2 is an elegant, extensible framework for building enterprise-ready Java web applications. But unfortunately this year there have been multiple security […]

Infographic: Containers – tiny solutions for whale-sized challenges

This post was originally published here by casey pechan. We’ve been talking quite a bit about containers lately, and for good reason. CloudPassage recently announced Project Azul, our single-platform container security solution with automated compliance and security controls to monitor and secure containers, for example in Docker. And as you may know, container adoption is seeing some explosive […]

Cloud security landscape – what do organizations really need?

This post was originally published here by jeffb. You probably don’t associate the 2001 smash hit Shrek with cloud security, but consider the below quote: “Onions have layers. Ogres have layers. You get it? We both have layers.” – Shrek “Oh, you both have layers. Oh you know, not everybody likes onions. Cake! Everybody loves cake! Cakes […]

Introduction to Software Vulnerability Assessment

This post was originally published here by   leslie devlin. CloudPassage Halo’s Software Vulnerability Assessment module (SVA), is one of the most critical components of the Halo platform. The SVA module regularly scans all of your protected servers to detect known vulnerable packages, providing universal visibility into your workloads. These scans cross-reference the software installed […]

The social side of hacking

This post was originally published here by  casey pechan. Perhaps one of the most devious forms of phishing is social engineering, or the gleaning of critical information about individuals or organizations through social media, email, or other social interactions. In fact, the most recent global cyber infections – WannaCry and NotPetya were initially spread in […]

Containers 101 – What do you need to know?

This post was originally published here by shaane syed. Thanks to Docker, containers are now the future of web development. According to DataDog, 15% of hosts run Docker, which is significantly up both from the 6% of hosts running it at this point in 2015 and the 0% of hosts running it before it was released […]

10 ways to ensure your employees practice excellent security

This post was originally published here by casey pechan External cyber threats are a constant concern for business organizations. They dedicate teams to try to stay one step ahead of the latest ransomware or virus at any given time. However it can be easy to overlook one of the greatest risks to an organization’s security: employees. […]

White paper: A new approach for securing DevOps in the cloud

This post was originally published here by casey pechan. It’s no secret we love the team over at Puppet. We’ve got our approved CloudPassage module on PuppetForge, and we’ve already shown you different ways you can tackle securing DevOps using Puppet and CloudPassage Halo in tandem. Now we’ve put heads together to give you a deep-dive into securing […]

It’s all about containers: unveiling Project Azul and Halo platform updates

This post was originally published here by david appelbaum. We have two exciting announcements to unveil at CloudPassage. Last month we announced the new-generation security analytics engine and this month we’re announcing something even more exciting: Project Azul as well as some additional Halo platform updates. Project Azul is our single-platform container security solution with an extensive […]

When it comes to cyber attacks, NATO means business

This post was originally published here by david appelbaum. Here’s something a little scary to think about: NATO’s Secretary General, Jens Stoltenberg, said last month that a massive cyber attack could trigger Article 5 of the organization’s treaty. For those of you blissfully unaware of the ins and outs of international treaties, this is actually […]

CloudPassage Halo is an on-demand, automated security platform that works in any infrastructure, at any scale. Halo is delivered as a service, so it deploys in minutes and scales dynamically — with no servers to provision and configure. With Halo, our customers deploy layered security at every workload – servers, virtual machines, cloud instances and containers.
Share this page