CloudPassage Announces Project Azul
August 02, 2017

CloudPassage announced plans for a broad set of automated compliance and security controls for containers, codename Project Azul, in order to ensure a monitored and secured containerized operating environment for enterprises.

CloudPassage Halo provides a cloud workload protection platform, automating the security of virtual machines (VMs) and hosts across private cloud, public cloud, and data center environments for the Fortune 1000. As part of Project Azul, CloudPassage will provide the same efficient, automated security for VMs, hosts, and containers, allowing enterprises security and visibility from a single platform and agent.

“CloudPassage Halo was purpose-built for highly automated application development and deployment environments,” said Jack Marsal, Director of Product Marketing, CloudPassage. “Today, Halo is employed by leading digital enterprises deploying virtual machines across clouds and servers at speed and scale. With the rapid adoption of containers, the need for a single security and compliance platform that can protect both hosts and containers has become a critical ask from our customers.”

Unlike other container security products, CloudPassage Project Azul will secure all elements of the container environment: container images, running containers, and the container engine/ host.

Project Azul is currently in beta testing and will be widely available in winter 2017.

In addition, the automated cloud security provider is also announcing a new release of CloudPassage Halo, the company’s automated cloud workload security platform. The update includes the addition of support for Windows Server 2016, multi-factor authentication (MFA), and enhancements to existing reporting features.

As a result of these updates, Halo users can now:

- Leverage industry leading software vulnerability detection on Windows Server 2016

- Assess compliance with the CIS Benchmark for Windows Server 2016

- Obtain inventories of software, processes and user accounts on Windows Server 2016

- Detect unintended filesystem and registry changes as well as unauthorized user behavior on Windows Server 2016

- Enroll a one time password authentication factor using any mobile authentication app that supports time-based one time passwords (TOTP), including Duo Security, Google Authenticator, Authy, and others

- View the overall state of CVE assessment, top CVEs to address, top vulnerable servers, and more

- Schedule reports to run at a specific time and on a recurring basis

- Demonstrate to auditors that they have a disciplined security program

The Latest

August 17, 2017

Mobile SDKs (software developments kits); love them or hate them, they're here to stay. They provide our apps with all sorts of functionality that would be incredibly time consuming to build, and they give us another means to monetize our apps. While it would be difficult to argue that SDKs aren’t useful, it’s also hard for developers to get a good idea of the amount of resources used by each SDK once the app is in production ...

August 15, 2017

A common belief within DevOps circles is that automation not only enables greater frequency of delivery and deployment, but improves its overall success rate. Whenever manual intervention is required, the chances of errors creeping in increases. Human error is a significant factor in many an outage, after all ...

August 14, 2017

DevOps and NetOps are both far more generous in their opinion of the other with respect to prioritization of efforts than traditional archetypes purport them to be, and they have a lot in common – even though they may disagree on details – according to a new survey by F5 ...

August 10, 2017

Only 12 percent of organizations can claim that their whole organization is on the path to business agility even though more than two thirds of survey participants agreed that agile organizations are better able to quickly respond to dynamic business conditions, according to a new survey from CA Technologies ...

August 09, 2017

Alongside its clear benefits, DevOps brings unique challenges when developing and operating a mobile environment. Mobile app developers and development teams face a unique set of requirements relating to collaboration, testing, and release. Technology fragmentation, disparate back-end systems, updates that require user action, and poor instrumentation can impede the DevOps process and become critical roadblocks to agile mobile development, ultimately impacting app retention and the bottom line ...

August 07, 2017

A crashing app might be a deal breaker, no matter how heavy the load that an alternative website entry point can handle would be. It is all about quickly verifying compliance against key functional and non-functional requirements in order to meet aggressive release schedules as part of the Go-to-market strategy. This means positioning unit testing, UI testing, API testing, and, of course, performance and load testing — as pillars of SDLC ...

August 03, 2017

Most software developers make themselves easy targets for hackers, even when they are behind a corporate firewall, according to a new survey from Netsparker Ltd. ...

August 01, 2017

Your top priority is to improve application development agility, but you may run into roadblocks put up by a security team that (mistakenly) believes speed is the enemy of effective cybersecurity. A new survey finds a majority of enterprises are working to overcome those roadblocks by integrating security into their existing DevOps methodology ...

July 31, 2017

Agile development compresses software testing cycles, jeopardizing risk coverage and opening the door for software failures. Here's what you can do ...

July 27, 2017

While 75 percent of organizations highlight continuous testing as critical or important, only a minority of survey respondents have made exceptional progress acquiring the necessary knowledge and key enablers to drive digital transformation, according to a global study by CA Technologies ...

Share this