Security Experts:

Connect with us

Hi, what are you looking for?


Cloud Security

Cloud Security Startup Emerges from Stealth Mode

A new cloud security startup has emerged from stealth mode today, unveiling solutions specifically designed from the ground up to provide security for elastic cloud servers.

A new cloud security startup has emerged from stealth mode today, unveiling solutions specifically designed from the ground up to provide security for elastic cloud servers.

CloudPassage Cloud Server SecurityCloudPassage, headquartered in Menlo Park, California, is looking to help companies manage their own cloud security by offering a single, purpose-built solution for the cloud that delivers multiple layers of defense for cloud servers.

With the company launch, CloudPassage introduced its new line of server security and compliance products purpose-built for elastic cloud environments: Halo SVM (Server Vulnerability Management) and Halo Firewall.

Most compromises can be prevented by simple configuration changes, software patching or better firewall policies; but in an elastic cloud environment, the rate of growth and change are difficult for companies to manage.

CloudPassage’s Halo SVM addresses server vulnerability management needs with scalability, speed and elasticity needed for cloud server environments. Halo SVM can assess thousands of server configuration points in seconds, enabling customers to maintain continuous exposure and compliance intelligence, even in rapidly growing cloud server farms.

The company’s Halo Firewall controls server attack surfaces by centralizing and automating host-based firewall management. The product provides customers with unified cloud-wide firewall policy management from a graphical web front-end, eliminating the untenable operational overhead and likely errors associated with manual host-based firewall management. Halo Firewall can automatically update individual host-based firewall configurations whenever cloud servers are added or removed – including server cloning or cloudbursting operations – with zero intervention by system administrators. It also helps address the issues of dynamic public-cloud IP addressing, a common firewall management complication cited by IaaS providers.

CloudPassage Screenshot

“Customers of our on-demand, enterprise-level email and social media marketing solutions have high standards for protecting their data and supporting their compliance needs,” said Tim McQuillen CIO and co-founder of StrongMail. “CloudPassage allows us to clearly communicate in exact technical terms how we secure our environments and deliver compliance verification as frequently as needed.”

The ability to create new servers in the cloud within seconds means IT departments can be faster and more agile, but it creates huge security problems. New copies of servers will duplicate all of the vulnerabilities and exposures that already exist, resulting in an increased attackable surface area on a company’s cloud server farm.

“Other server protection solutions that work in public clouds require painful deployment and management contortions,” said Carson Sweet, co-founder and CEO CloudPassage. “Because dozens of new servers can be created in seconds, through cloning and bursting, vulnerability and firewalling need to be done differently in the cloud; they need to be elastic.”

CloudPassage was co-founded by CEO Carson Sweet who previously served as the Principal Solutions Architect at RSA’s financial industry practice.

Read More on Cloud Security in SecurityWeek’s Cloud Security Section.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.

Cloud Security

Cloud Disaster Recovery - Ingredients for a Recipe that Saves Money and Offers a Safe, More Secure Situation with Greater Accessibility

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...