What We Do

CloudPassage Halo is battle-tested protection & compliance for
critical business assets, in any cloud infrastructure, at any scale.

CloudPassage® Halo® delivers the visibility, enforcement and orchestration required to secure modern cloud infrastructure. The magic is a fast, lightweight security agent that attaches to a virtual machine (workload) in any cloud environment (private, public or hybrid). The Halo agent collects status in near real time and enforces comprehensive security policies at the workload level (micro-segmentation) under the instruction of the security analytics engine, which continuously analyzes information about individual VMs and the state of the overall infrastructure environment. Our easy-to-use portal allows customers to centrally automate dozens of critical security and compliance controls as well as instantly report on vulnerabilities.


Why CloudPassage?

Traditional, perimeter-based security models simply don't work with cloud infrastructure. Enterprises need a new paradigm -- one that secures data, applications and virtual machines right at the workload. CloudPassage is unique because it is:


Software-Defined Security

CloudPassage is the world's first software-defined security (SDSec) platform. We invented the category long before others began imitating our approach. So, what is SDSec? It's simple. CloudPassage Halo provides the abstraction, automation, orchestration, automatic scalability and API enablement required to protect workloads in modern cloud infrastructure. Here are the details:



Security and compliance is virtualized and able to operate regardless of where underlying hardware might be physically located.

Netskope Visibility


Implement security and compliance controls (e.g. firewall policies, intrusion detection) with minimal human intervention in deployment, configuration and operation.

Netskope Analytics


Centrally manage the composition, deployment, and management of individual control components into more complex, service-oriented security systems.


Automatic Scalability

Security controls are deployed directly into application scaling mechanisms and have the ability to scale based on application scaling triggers.

Netskope Policies

API Enabled

Security monitoring and enforcement control functions are fully accessible via an open API, enabling full integration with operations and orchestration tools.

test image
White Paper: Implementing Software-Defined Security with CloudPassage Halo

This paper summarizes the five architectural principles of SDSec and the ways in which CloudPassage has implemented them by building the Halo SDSec platform for cloud infrastructure.