Cloud Sight™ by Threat Stack, Inc

Continuous Monitoring For Elastic Infrastructure

Join The Beta

Elastic Servers, Meet Elastic Security

Using cloud infrastructure, you know you can accelerate delivery of applications and scale to meet the needs of modern business.

But in the world of virtual datacenters, software-defined networks, and servers that come and go, who handles security?

Don't worry: Cloud Sight was built specifically for the elastic requirements of the cloud.


Security Through Visibility

Cloud Sight continously monitors and records system activity (such as logins, processes, network activity, and file changes).

Using a lightweight agent that is designed to be as simple as possible to deploy, we capture an unprecented level of security data, and retain it securely off-box.

Correlating it all, we provide a powerful view into your system’s security posture.

Process Behavioral Insights

Cloud Sight’s Process Behavioral Profiling (PBP)™ technology powers our detection and analytics.

Leveraging your historical data and our platform, we automatically build a profile of normal application behavior for each unique server role.

This profile serves as a trusted baseline from which to detect potentially malicious activity, and can be applied to any number of elastic instances in a role.

The Power Of Post Processing

Cloud Sight does the legwork of post-processing so that the alerts we generate are based on historical context -- not just a small window of observed system activity.

We couple these alerts with our DVR-like recording of system activity: a record of who did what and when, along with our observed history of deviations.

Accurate alerts + meaningful context = prompt, efficient response.

Cloud Ready By Design

Cloud Sight is built in the cloud, for the cloud. We support transient instances, so you can maintain valuable security history even beyond the lifetime of an individual instance.

Furthermore, as a native, cloud-formed application, Cloud Sight's architecture auto-scales itself so you don’t have to.

It’s cloud ready, by design, after all.

Resist Attacks

Resisting attacks starts with building a strong defense.

Cloud Sight allows you to instantly create firewall rules based on a server profile that can be automatically applied to similar systems through logical grouping.

Furthermore, our APIs allow you to integrate our system into your workflow, so you can respond faster.

Questions We Answer

How do we know if we are already compromised? Given a baseline of normal system activity, is there anything anomalous? Who is logged in, from where, and what did they do? What processes are running and why? What happened on an instance that existed 6 weeks ago? What DNS and network traffic is each process is generating and is this normal? … and more!

Powerful Forensics

Think of Cloud Sight as a surveillance camera for system activity, capturing and retaining the relationships between system activities.

Cloud Sight naturally expediates investigations and incident response forensics. No more parsing through log files for hours or hiring a third-party security consultant to determine the extent of a breach.

The rich audit trail created by Cloud Sight can also be integrated to external applications via APIs.

Actionable Alerts

Unlike traditional intrusion detection systems, our alerts come pre-packed with context.

Get alerted as soon as Cloud Sight detects suspicious activity. From an alert, determine when a user logged in and what commands they ran, along with other important information to enable rapid response.

Cloud Sight will also send you a daily report summarizing new or potentially suspicious behavior observed on your systems.

See Cloud Sight™ In Action

Join The Beta