CloudPassage Halo Customer Reminder: IPv6 Firewall

We have noticed some cloud service providers that our customers are using are starting to implement IPv6 routing.  Their base cloud server images may include IPv6 configurations enabled by default. The CloudPassage Halo Firewall Management feature does not currently support … Read MoreRead More


CloudPassage Halo Now Detects the VENOM Vulnerability

This week a vulnerability, dubbed VENOM (CVE-2015-3456), was discovered in the floppy disk driver code of the hardware emulator and virtualization software called QEMU (Quick Emulator). This might sound otherwise pretty esoteric, but it just so happens that the QEMU … Read MoreRead More

Abandon the Perimeter

We’ve grown dependent on a perimeter.  Vendors build tools that have no security at all without a robust perimeter.  This term colors the way we as an industry think about security.  The assumption of a perimeter makes decisions for us, … Read MoreRead More

Why Security is DevOps

Security is DevOps, but many think it’s not the case. Different teams collaborate to quickly and swiftly bring a product to fruition in the DevOps world. However, it’s often felt that Security will slow the process down. In this post … Read MoreRead More

Finding Malware with Firewall Rules

A customer new to our host-based firewall management wanted to be able to detect if a server had been compromised with malware. One way to spot this is to look for and log unauthorized outbound traffic. But how do you … Read MoreRead More

How to Turn the CISO from “Dr. No” to a True Business Enabler

The world is not only getting smaller, it’s getting faster. CEOs everywhere are singularly focused on business agility, innovation and competitive advantage to drive growth and profit. And they’re looking to the office of the CIO for help. I don’t … Read MoreRead More

Halo Now Detects the GHOST Vulnerability

This week a vulnerability in a foundational piece of software (the C language library used by Linux operating systems) was announced (CVE-2015-0235). It affects a particular function in the ‘glibc’ library file that has the potential to be remotely exploited … Read MoreRead More

What’s in Store for 2015? Five Cyber Predictions for the Coming Year

Predictions are a dangerous thing. Because even fantastically smart people can be fantastically wrong. To wit: “There is not the slightest indication nuclear energy will ever be obtainable.” —Albert Einstein “Television won’t last.” —Darryl Zanuck “There’s no chance the iPhone … Read MoreRead More

Security Is More Than Isolation – Security Basics for Docker

There have been lots of discussions during the past year about the security of Docker containers, but a majority of them seem to have been focused on just one aspect of containers: isolation. Kernel namespaces (process isolation), control groups (resource … Read MoreRead More

WordPress Slider Revolution Detection

On Monday, December 15th, SC Magazine reported a story about a plugin vulnerability for WordPress that has compromised over 100,000 sites. The plugin, ThemePunch’s Slider Revolution, is a premium WordPress plugin that has also been incorporated into many other commercially available WordPress themes.  Users … Read MoreRead More