Patrick Cable is Director of Platform Security at Threat Stack. As an infrastructure security engineer, Patrick focuses on ensuring the security of the Threat Stack Platform by collaborating with other departments, implementing security tools, and building new technology to make security easier for everyone in the organization. Prior to working at Threat Stack he was Associate Staff in the Secure and Resilient Systems Group at MIT Lincoln Laboratory where he worked on improving cloud security in research environments.
21 total posts.
June 9, 2020
Threat Stack has an event processing pipeline that processes millions of messages per second sent to us by customer agents, our internal services, ...
February 27, 2020
The Threat Stack Security Operations Center loves data. And Threat Stack has a lot of data! Our SOC analysts leverage Amazon Elastic MapReduce and ...
December 10, 2019
At Threat Stack, we attend a lot of conferences: They can be a powerful way to connect with like-minded professionals and educate yourself on ...
September 12, 2019
Here at Threat Stack we really like Yubikeys — and they’re a critical part of our security program. Many folks know Yubikeys for their ability to ...
August 29, 2019
Trash Taxi: A Lifecycle Management Tool for Superuser Discovery & Cleanup
October 30, 2018
Our Motto is: Threat Modeling: The sooner the better, but never too late. — OWASP
The practice of creating a threat model can help teams ...
July 25, 2018
If the headlines are any indication, hackers continue to exploit vulnerabilities in cloud infrastructure platforms, with targeted AWS attacks ...
July 10, 2018
Over the past couple of weeks, both Macy's and Timehop experienced breaches as a result of authentication weaknesses. On July 4, social media startup ...
July 9, 2018
As a security company, there’s a lot of pressure to keep our data secure while still moving fast and innovating on product development. I find the ...
May 16, 2018
More companies are moving to the cloud than ever before. Amazon Web Services (AWS) is one of the most popular cloud platforms, and for good reason: ...
May 3, 2018
No matter where you sit in your organization, you should know what happens when you sacrifice security for speed. Threat Stack recently surveyed ...
April 12, 2018
Even organizations that understand the importance of cybersecurity in theory often stumble when it comes to marrying security initiatives with their ...
February 27, 2018
SOC 2, which was developed by the American Institute of CPAs (AICPA), is specifically designed for service providers storing customer data in the ...
November 30, 2017
There’s a lot of talk in the business world — especially the software-driven side of it — about achieving and maintaining velocity. The ability ...
September 5, 2017
In an earlier post, we talked about how we implemented centralized authentication at Threat Stack. This project initially allowed us to create ...
April 21, 2017
Authkeys, Threat Stack’s new open source tool, performs LDAP lookups of SSH keys without the need for using scripts or other interpreted code.
April 14, 2017
Threat Stack, like many other Software-as-a-Service providers, has an on-call rotation. During any week, two members of our engineering organization ...
February 28, 2017
One way organizations can improve their security and operational ability is to collect logs in a central location. Centralized logging allows ...
December 20, 2016
I’m a big fan of the YubiKey 4.
The YubiKey is a security device that originally outputted a 44-character “one time password” that could be ...
October 25, 2016
In many startups, centralized authentication is a "future us" problem. Setting up centralized auth is useful for managing your network, but requires ...
October 6, 2016
In the life of many organizations, developers and operations people need credentials that they can use in case of emergency — when, for example, ...