CloudPassage, a company securing the critical infrastructure of many of the leading global finance, insurance, media, e-commerce, high-tech service providers, transportation and hospitality companies, has announced the beta release of its newest product built on their Halo platform, code-name: Project Cielo. It would offer complete visibility and insights into the resources in use across all cloud service providers’ (CSPs’) accounts and services within a single interface.

CloudPassage Halo is a workload security automation platform that would provide universal visibility and continuous protection for servers in any combination of data centers, private/public clouds and containers. CloudPassage’s Halo platform is delivered as a service, so it would deploy in minutes and scale effortlessly.

CloudPassage’s Halo platform, which includes Container Secure and Server Secure, would allow enterprises to secure assets like dedicated servers, cloud instances, containers and artifact registries using a single platform, regardless of asset location. The addition of Project Cielo extends the CloudPassage Halo platform to handle cloud-delivered compute, storage, and other infrastructure services, making it “unique” in protecting application components anywhere and in any delivery model, at speed and scale.

Functional capabilities of Project Cielo would include:

  • Continuously monitor AWS services for adherence to CIS AWS Foundations Benchmark, AWS best practices, and internal configuration standards

– IAM user MFA, S3 bucket limited exposures, etc.

– Enhanced compliance reporting capabilities with detailed results that support all benchmark rules

  • Obtain “worldview” with contextual intelligence about monitored assets to better inform technical risk analysis

– Identifies applications which are at risk, hierarchically organizes the most urgent situations, IAM role misconfigurations, exploitations, applications and data that could be affected, EC2 instances without Halo agent, etc.

  • Automates remediation requests to responsible application team via SNS