Application Membership Control with CloudPassage Halo

Let’s face it- nobody’s production environment is completely pristine and secure.  Ideally, we try to embrace security as a cultural component or state of mind, and we create processes to cover our asse(t)s and hope that we don’t hobble our productivity in the process. Security Automation (SA) and Software-Defined Security (SDSec) are the new hotness, but what do those buzzwords mean to the people who have to translate a broad concept into a process that makes them more effective?  To help us illustrate the practical application of these broad and somewhat abstract terms we’ll draw parallels with older and more established concepts.  Within the IT and infrastructure management disciplines there exists the concept of Network Access Control, or NAC.  One of NAC’s purposes is to validate that the connecting host complies with the company’s security policy before being admitted to the network.  Translating that concept to the cloud, we’ll introduce the concept of Application Membership Control with CloudPassage Halo by automating the admission of workloads into a tightly-controlled application environment, but only if they’re compliant with your configuration policies.

Read more >

Shellshock Security Update

As of Friday, Red Hat, Ubuntu, Amazon and other vendors have released updates to address the CVE-2014-6271 vulnerability, also known as “Shellshock”. This vulnerability allows remote attackers to execute arbitrary code on servers from a variety of vectors and affects a substantial number of servers running on the Internet.  As of Friday, Sept 26th at 11:30am PDT, all CloudPassage production systems have been patched and are no longer susceptible to Shellshock.