CloudPassage is one of a number of different companies in the market today vying to help enterprises securely use the cloud.? The company, led by RSA veteran Carson Sweet, has raised $29 million in funding since its inception three years ago.
Sweet, the CEO, explained that when he started the company there weren’t a lot of regulatory compliance needs associated with the cloud. However, as more large enterprises have adopted cloud, security and compliance needs have grown — which is where CloudPassage fits in.
The primary solution from CloudPassage is a technology called Halo, an automation platform for the delivery of security and control across public and private clouds. Sweet said the platform includes a number of modules including network access control, two-factor authentication, intrusion detection, configuration and path monitoring, and end-user management.
The Halo system has a central cloud-based analytics engine service. From a device perspective, CloudPassage gets its control by way of a lightweight application called the Halo daemon. The Halo daemon sends information into the analytics cloud and responds to requests from the cloud service.
The decision to use a system daemon for control visibility rather than just plugging into APIs from a given cloud vendor is all about being agile, said Sweet, who stressed that the Halo daemon will not affect the performance of the underlying application and servers.
“We explicitly decided to not build dependencies on Amazon, Rackspace or VMware,” he said. “We want it to be seamlessly portable.”
One of the primary use-cases for CloudPassage’s solution is for Payment Card Industry Data Security Standard (PCI-DSS) compliance. The company is on the PCI Counsel and has been active in helping to shape its guidance for security recommendations in the cloud.
“The value proposition with Halo is that we automate about 75 percent of the technical infrastructure controls that are needed to meet PCI compliance in one shot,” Sweet said.
The market for cloud security solution is a competitive one. For Sweet, the key challenge however is about awareness.
“I do still believe that the mind shift away from thinking about security as a perimeter box is still pretty ingrained,” Sweet said. “Security that moves around with workloads is something that people understand conceptually but not everyone has latched onto how it will actually work.”
Sean Michael Kerner is a senior editor at eSecurity Planet and InternetNews.com. Follow him on Twitter @TechJournalist.