CloudPassage
Rapid transformation in computing – IaaS market trends
This post was originally published here by jack marsal. We are currently witnessing a huge transformation in how computing is done, with on-premises infrastructure being steadily and rapidly replaced by cloud infrastructure. If smartphones were the technology story of the last decade, then Infrastructure-as-a-Service (IaaS) may very well be the story of this one. This […]
Bringing security into the CICD pipeline with Halo
This post was originally published here by casey pechan. There’s a transformation happening in how IT is delivered in enterprises everywhere – what was once a predictable and stable IT environment has now become more fluid and is in a constant state of change. The average lifetime of a server, for example, has gone from […]
Security considerations in a DevOps pipeline
This post was originally published here by amit gupta. Using DevOps methodologies the goal is to speed up deployment using automation while increasing the predictability and manageability of the development cycle. Too often though – and this may be true more often than not – security is left for last, ultimately slowing down deployment, backing […]
Is your security vendor ready for the cloud? 10 questions to ask
This post was originally published here by cliff turner. Cloud security vendors occupy a major role in organizations as both trusted advisor and protector. Because this role has the potential to affect every aspect of your organization, it’s critical to carefully vet your vendor and their platform. To guide your research, use these 10 questions […]
Bringing security up to speed with microsegmentation
This post was originally published here by deepak munjal. Microsegmentation is one of the hottest buzzwords in an industry full of them. It has undoubtedly appeared as a bullet point on countless board slides while CEOs briefly talk up “Our Bleeding Edge Security Practices.” Regardless of how useful it may or may not be in […]
WordPress vulnerability – Privilege Escalation and Content Injection
This post was originally published here by emily gladstone cole. On Thursday January 26th, 2017 the WordPress support team released WordPress 4.7.2. On Wednesday February 1st, 2017 they disclosed an additional vulnerability within the REST API of WordPress that had been fixed with the 4.7.2 release. The vulnerability we are concerned with is a Privilege Escalation and Content […]
A look at CloudPassage Halo and Amazon Inspector
This post was originally published here by deepak munjal. As much as we’d enjoy not facing competition, the fact remains that other companies endeavor to provide some of the same services we do. Let’s just say that some of these companies are small, some of them are large, and one them is Amazon.com. Amazon is […]
CloudPassage Halo update — Making PCI Easier
This post was originally published here by ram krishnan. We’re happy to announce a CloudPassage Halo update! In this release we’ve focused on simplifying customers’ compliance efforts, deepening integration with Amazon Web Services (AWS) using EC2 metadata, and increasing the accuracy of known software vulnerabilities detection for the Microsoft Windows Server platform. We think that […]
New Slack integration for Halo: Don-Bot
This post was originally published here by Ash Wilson. There’s a new tool in the Halo Toolbox and it’s called Don-Bot, and it has nothing to do with the Futurama character. This Don-Bot is named after our mascot, Don T. Daemon. Don-Bot is a Slack bot that allows you to interactively query CloudPassage Halo and receive alerts without opening Yet-Another-Browser-Window, or […]
IT security sucks
It’s rare to find a bunch of people who agree on anything. It’s even rarer when you find a bunch of people who agree that they all suck. Welcome to a rare situation. A few weeks ago, I spoke at the AWS re:Invent conference in Las Vegas. In my audience were hundreds of IT professionals. Some were […]
