CloudPassage Overview
CloudPassage, now integrated into the Fidelis Security portfolio as part of the Fidelis CloudPassage Halo platform, is a comprehensive cloud security solution designed to provide visibility, automation, and robust security measures for cloud infrastructure and applications.
What CloudPassage Does
CloudPassage is a cloud-native application protection platform (CNAPP) that unifies security and compliance across all cloud assets, including servers, containers, and cloud services. It is engineered to operate at cloud speed and scale, ensuring that organizations can maintain secure and compliant cloud environments without additional costs or complexity.
Key Features and Functionality
1. Vulnerability Management
CloudPassage continuously scans cloud instances and containers for vulnerabilities and misconfigurations, providing detailed reports and prioritizing remediation efforts based on risk.
2. Compliance Assurance
The platform helps organizations meet regulatory compliance requirements by continuously monitoring cloud infrastructure and applications against industry standards and compliance frameworks.
3. Host-Based Intrusion Detection (HIDS)
CloudPassage offers host-based intrusion detection, monitoring cloud hosts for signs of unauthorized access, malware, and other security threats.
4. Security Configuration Management
It enables organizations to enforce security policies and best practices consistently across their cloud infrastructure, ensuring consistent security configurations.
5. Asset Inventory and Discovery
The platform provides visibility into cloud assets, including virtual machines, containers, and services, helping organizations maintain an up-to-date inventory and detect unauthorized or rogue assets.
6. Container Security
CloudPassage extends its security capabilities to containers, ensuring that containerized applications are secure and compliant with policies. It also secures container orchestration platforms like Kubernetes and Docker Swarm.
7. Automated Remediation
The platform offers automated remediation for security vulnerabilities and misconfigurations, reducing the manual effort required to address security issues.
8. File Integrity Monitoring
CloudPassage monitors critical files and directories for changes, helping organizations detect unauthorized modifications or tampering.
9. Incident Response
It assists in incident response efforts by providing real-time alerts and insights into security incidents, helping organizations investigate and mitigate threats.
10. Security Orchestration and Automation
CloudPassage can be integrated with security orchestration platforms to automate response actions and workflows in response to security events.
11. Microsegmentation
Organizations can use CloudPassage to implement microsegmentation strategies in the cloud, restricting network access between workloads based on security policies.
12. Comprehensive File Integrity Monitoring and Log-based Intrusion Detection
These features are part of the Fidelis CloudPassage Halo platform, ensuring deep visibility and detection capabilities.
Architecture and Deployment
- Agent Deployment: CloudPassage deploys lightweight agents on cloud instances and containers. These agents collect security-related data and communicate it to the CloudPassage platform.
- Halo Grid: This is the central component that manages and processes data from CloudPassage agents, including the Halo Portal for configuring security policies and viewing security data.
- Halo API: The platform provides an API for integrating CloudPassage data and functionality into existing security tools and workflows.
- Halo Mobile: Administrators can access CloudPassage security data and alerts via a mobile app for on-the-go monitoring.
Additional Capabilities
- Hybrid Support: CloudPassage supports security and compliance management across public, private, and hybrid cloud environments.
- Frictionless Operation: The platform operates without imposing additional costs or complexity, ensuring seamless integration into existing cloud environments.
- Heartbeat Monitoring: This feature ensures continuous monitoring and heartbeat checks to maintain the health and security of cloud assets.
In summary, CloudPassage, as part of the Fidelis CloudPassage Halo platform, offers a robust set of features and functionalities designed to enhance the security, compliance, and operational efficiency of cloud environments. Its ability to automate security and compliance tasks, provide deep visibility, and integrate with other security tools makes it a powerful solution for organizations looking to secure their cloud infrastructure.