CloudPassage announces Cloud Secure for Azure

CloudPassage, the leader in automated cloud security, today announced strengthened capabilities in its Halo security automation platform. Now providing visibility and configuration best practices for applications running in Microsoft Azure, CloudPassage Halo is the most comprehensive public cloud infrastructure security solution available on the market.

Cloud Secure, part of the CloudPassage Halo platform, is an automated Cloud Security Posture Management (CSPM) solution that delivers visibility, protection and continuous compliance monitoring for compute, storage, database, networking and identity services. Unlike point-solutions that provide an incomplete and disjointed view of public cloud services, Cloud Secure provides a comprehensive, integrated view of IaaS (Infrastructure-as-a-Service) environments and resources from a single interface.

“In larger cloud environments, correct configuration of the control plane has become extremely complex, leaving the organization’s information and workloads at risk…,” said Neil MacDonald, Distinguished VP Analyst at Gartner. “To assess and manage the security posture of the cloud control plane, a market is emerging for cloud security posture management (CSPM), previously called CISPA…” Neil continued. “…For large, cloud-based workload deployments, CSPM capabilities should be considered mandatory.”1

According to 451 Group, 69 percent of organizations plan to be running a multi-cloud environment by the end of 2019; which means most organizations will require visibility of critical IT assets in a variety of locations. However, gaining this level of visibility has proved challenging due to the high rates of expansion in the cloud attack surface of modern IT infrastructures.

“Consumption of public cloud infrastructure services continues to increase, causing security teams to struggle to maintain a comprehensive and up-to-date inventory of cloud assets in-use across multiple environments throughout their enterprise,” said Ryan Thomas, head of product at CloudPassage. “Previously, centralized IT teams were responsible for selecting and deploying enterprise infrastructure, but now decentralized and high-velocity development teams select and deploy public cloud services as needed. To enable efficient risk assessment and remediation, it’s important that security professionals know what public cloud services are in use, who is consuming those services, and whether they are configured securely.”

While other tools can identify vulnerabilities in data hosted by a single provider, such as AWS or Azure, CloudPassage offers unprecedented insights with its single-solution, single pane of glass visibility for both providers. The Halo platform delivers actionable information about critical risks other tools miss with its outside-in and inside-out security visibility of both the control plane and compute plane.

Benefits include:

• Automatically discover public cloud assets: Quickly discover and inventory resources and services in use across any number of public cloud accounts in use in your organization to better manage cyber risk.
• Reduce your attack surface: Reduce the attackable surface area of your public cloud deployments by detecting insecure resource and service configurations so you can remediate them.
• Prioritize remediation: Prioritize remediation work on the greatest risks by understanding the relationships between exposed assets. Assess the security of your cloud-delivered compute, storage, and other infrastructure services such as compute workloads (containers, virtual machines, serverless functions) as well as cloud provider application services (database, storage, networking, auditing, IAM, etc.).
• Decrease exposure time: Enable fast and effective remediation by providing actionable information to the people who need it in an automated fashion. Automate remediation workflows by sending vulnerability and remediation information via Amazon SNS and other notification mechanisms.
• Maintain continuous compliance: Continuously monitor for compliance violations by auditing data from your public cloud services and resources. Achieve and maintain compliance by addressing policy requirements for CIS AWS Foundations Benchmark, HIPAA, ISO 27001, NIST 800-53, NIST 800-171, PCI DSS and SOC 2.