Webinar: integrating security into your CI pipeline

Our latest webinar Integrating security into our CI pipeline, examines how containers and image vulnerability assessment can be integrated into your DevSecOps tools and processes. After all, one of the biggest challenges of adopting containerization is fast and effective vulnerability…

Read More

Changes in the CIS controls and why you need to know

Have you heard of the top 20 Controls from the Center for Internet Security (CIS)? These are also known as the CIS common controls and they’re my favorite list of controls. Sure, PCI, NIST, CSA, SOX, FERPA, NERC, and HIPAA…

Read More

Proactive versus reactive vulnerability management

A career in information security is a trial by fire, one I dove into headfirst when I began career 18 years ago. Challenging problems reared their ugly heads through attacks like NIMDA, CodeRed, SQLSlammer and others. These viruses took advantage…

Read More

Webinar: Five tips to secure Docker containers

We’ve got a new webinar coming out January 24th that you won’t want to miss; especially if your organization is implementing containers anytime soon. This five tips to secure Docker containers webinar builds off of a five container tips blog…

Read More

What the Apache Struts vulnerability means for you

Unless you’ve been avoiding the news lately, you’ve likely heard about a few major breaches and the Apache Struts vulnerabilities associated with them. Apache Struts 2 is an elegant, extensible framework for building enterprise-ready Java web applications. But unfortunately this…

Read More

Introduction to Software Vulnerability Assessment

CloudPassage Halo’s Software Vulnerability Assessment module (SVA), is one of the most critical components of the Halo platform. The SVA module regularly scans all of your protected servers to detect known vulnerable packages, providing universal visibility into your workloads. These…

Read More

Petya / GoldenEye is spreading. Here’s how Halo can help.

The latest wave of ransomware, Petya/GoldenEye, started hitting Ukraine, Russia and western Europe earlier today and has already brought down critical infrastructure. Among those confirmed as impacted are Kiev’s main airport and metro system, Ukraine’s state power company, and several…

Read More