Halo CSM

Configuration security monitoring with Halo

leslie devlin / 06.27.17

After taking a brief hiatus, it’s time to return to another segment of Halo explainer videos! This week we’re diving into CSM, or the configuration security monitoring module in Halo. This module is integral to many of our security processes, and properly taking advantage of it provides you with a wealth of insight into your workloads. And as you likely know, maintaining continuous visibility in modern compute environments can often feel like a challenge.

The Halo CSM module allows you to carefully monitor your configuration settings, system files, running processes, ownership and permissions to ensure that there are no red flags that could indicate that your workload security is at risk.

Like other Halo modules, CSM is managed by creating one or more policies and applying them to a server group. In the video below I’ll walk you through the step-by-step process of setting up a CSM for my engineering group of workloads.

Once you set up your CSM, Halo will continually scan your protected servers, looking for settings that are violating the policies you’ve put into place. Halo will then report its findings back to the Halo Portal or directly to you through email alerts.

To learn more about this process, check out the video below!