Security Breaks DevOps – Here’s How to Fix It

The concepts of communication, collaboration, abstraction, automation and orchestration are cornerstones of the rapidly growing DevOps movement. At the same time reliance on virtualized infrastructure and Infrastructure-as-a-Service has exploded, making manual provisioning and management simply not feasible anymore; it takes … Read More


Alternative Chains Certificate Forgery

On Thursday, July 9th the OpenSSL Project Team released a security advisory with the details and the patched versions of OpenSSL affected by the vulnerability called the “Alternative chains certificate forgery” (CVE-2015-1793). The team had announced on their OpenSSL-announce mailing … Read More

CloudPassage Halo Customer Reminder: IPv6 Firewall

We have noticed some cloud service providers that our customers are using are starting to implement IPv6 routing.  Their base cloud server images may include IPv6 configurations enabled by default. The CloudPassage Halo Firewall Management feature does not currently support … Read MoreRead More


CloudPassage Halo Now Detects the VENOM Vulnerability

This week a vulnerability, dubbed VENOM (CVE-2015-3456), was discovered in the floppy disk driver code of the hardware emulator and virtualization software called QEMU (Quick Emulator). This might sound otherwise pretty esoteric, but it just so happens that the QEMU … Read MoreRead More

Abandon the Perimeter

We’ve grown dependent on a perimeter.  Vendors build tools that have no security at all without a robust perimeter.  This term colors the way we as an industry think about security.  The assumption of a perimeter makes decisions for us, … Read MoreRead More

Why Security is DevOps

Security is DevOps, but many think it’s not the case. Different teams collaborate to quickly and swiftly bring a product to fruition in the DevOps world. However, it’s often felt that Security will slow the process down. In this post … Read MoreRead More

Finding Malware with Firewall Rules

A customer new to our host-based firewall management wanted to be able to detect if a server had been compromised with malware. One way to spot this is to look for and log unauthorized outbound traffic. But how do you … Read MoreRead More

How to Turn the CISO from “Dr. No” to a True Business Enabler

The world is not only getting smaller, it’s getting faster. CEOs everywhere are singularly focused on business agility, innovation and competitive advantage to drive growth and profit. And they’re looking to the office of the CIO for help. I don’t … Read MoreRead More

Halo Now Detects the GHOST Vulnerability

This week a vulnerability in a foundational piece of software (the C language library used by Linux operating systems) was announced (CVE-2015-0235). It affects a particular function in the ‘glibc’ library file that has the potential to be remotely exploited … Read MoreRead More

What’s in Store for 2015? Five Cyber Predictions for the Coming Year

Predictions are a dangerous thing. Because even fantastically smart people can be fantastically wrong. To wit: “There is not the slightest indication nuclear energy will ever be obtainable.” —Albert Einstein “Television won’t last.” —Darryl Zanuck “There’s no chance the iPhone … Read MoreRead More