Smart organizations already know that running securely is key to success in today’s competitive landscape. So why isn’t security table stakes in 2018?
Unfortunately, there seems to be a disconnect between what organizations want when it comes to security, and what they’re actually able to put into practice. In Threat Stack’s recent report, Bridging the Gap Between SecOps Intent and Reality, we found that 85% of organizations believe bridging the gap and employing SecOps best practices is an important goal, yet just 35% say that SecOps is a completely or mostly established practice at their organizations, and 18% say it’s not established at all.
It’s clear that the challenge is how to make SecOps work in the real world. Whether you’re challenged by a security talent shortage, siloing between teams, out-of-date skills, or major rifts in perception, it is possible to better integrate SecOps using the right strategy.
To help you apply security best practices to your organization, let’s take a look at four concrete ways that teams can begin to close the SecOps chasm. Read more “How to Make SecOps Work in the Real World”
Live Tuesday, March 27 at 1:00 p.m. EST
Click here to register.
Common wisdom holds that, when it comes to software releases, you can only have two of: good, fast, or secure. But we don’t agree at all. When DevOps is implemented thoughtfully and holistically — and when security is brought into the process early — it’s entirely possible to release high-quality, secure code as quickly as the market demands.
In this webinar, we’ll walk you through exactly how Threat Stack has avoided sacrificing security on the altar of speed and share best practices to help you achieve the holy trinity of good, fast, secure code at your organization. Read more “Upcoming Webinar — Good, Fast, or Secure? Why DevOps Means You Don’t Have to Choose”
SOC 2 compliance is one of the most common customer use cases we come across here at Threat Stack. Developed by the American Institute of CPAs (AICPA), the framework is designed for service providers storing customer data in the cloud, and SaaS companies among others often turn to us as they begin to feel overwhelmed by the requirements.
Having undergone a Type 2 SOC 2 examination ourselves, Threat Stack’s Senior Director of Operations Pete Cheslock, and Senior Infrastructure Security Engineer Pat Cable, gathered for a webinar recently to discuss exactly what we did to achieve SOC 2 compliance with zero exceptions. Read the recap below, or listen to the full webinar here. Read more “How to Achieve Type 2 SOC 2 With Zero Exceptions — Webinar Recap”
Our recent survey found that over 50% of companies admit to cutting back on security measures to meet a business deadline or objective. As long as companies are willing to sacrifice security at the altar of speed, the long-held dream of marrying DevOps and security simply won’t become reality.
To speak to the issue, Threat Stack’s Head of Operations, Pete Cheslock, and PagerDuty’s Senior Application Security Engineer, Franklin Mosley, joined the SANS Institute for a recent webinar. You can listen to the full webinar here or read the major takeaways below. Read more “52% of Companies Sacrifice Cybersecurity for Speed — Webinar Recap”
Live Thursday, March 1 at 1:00 p.m. EST (18:00:00 UTC)
Click here to register.
A recent Threat Stack survey finds that over 50% of companies admit to cutting back on security measures to meet a business deadline or objective. As long as companies are willing to sacrifice security to gain speed, the long-held dream of marrying DevOps and security won’t come true.
Who & What
Join this webinar to hear Pete Cheslock, Threat Stack Senior Director of Operations, and Franklin Mosley, PagerDuty Senior Application Security Engineer, discuss the current status of SecOps along with critical gaps and obstacles.
Here are a few of the survey findings:
- 68% of companies say their CEO demands that DevOps and security teams do nothing to slow the business down
- 57% percent say their Operations team pushes back on security best practices
- 44% of developers aren’t trained to code securely
- Live Thursday, March 1 at 1:00 p.m.EST (18:00:00 UTC)
The SaaS subscription model can make churn an unavoidable issue because there’s nothing to prevent customers from cutting ties with one provider and moving to another.
As a security or operations professional at a SaaS company, you know you have to address trust and loyalty at the platform level so your customers experience optimal performance. You also know you have to deal with the unique security requirements associated with your SaaS infrastructure. The good news is, if you take steps to ensure platform stability, performance, and data security, you’ll be well-positioned to attract prospects and build long-term customer trust.
To help you get there, our new eBook — 5 Ways to Strengthen Your SaaS Security & Build Customer Loyalty — offers practical advice and specific steps you can take to avoid operational pitfalls, secure your SaaS business, and give customers the assurances they need to stay loyal to your service. Read more “New eBook: 5 Ways to Strengthen Your SaaS Security & Build Customer Loyalty”
As you’re probably well aware by now, security is different in the cloud. The good news, of course, is that running in the cloud offers more visibility than ever before. It’s now possible to gain a bird’s-eye view of your entire environment, something that was unimaginable with on-premise data centers.
In partnership with Dark Reading, Threat Stack’s VP of Product, Chris Ford, got together in a recent webinar to discuss measurement and monitoring in the realm of cloud security with Rich Mogull, CEO and Analyst at Securosis. You can read the recap below or view the entire webinar here. Read more “Strategies for Measuring and Monitoring the Cloud Like a Boss — Webinar Recap”
The GDPR deadline is looming large. With fewer than 100 days until May 25, many U.S. companies are still unsure what their responsibilities are under GDPR and what steps they need to take to meet new requirements.
To help you prepare, Threat Stack product marketing manager Hank Schless got together with Paul-Johan Jean, GDPR legal consultant at Sphaerist Advisory to give a high level-summary of GDPR responsibilities for U.S. companies in a recent webinar. You can either stream the archived webinar right now, or read the recap below. Read more “T-72 Hours to Report a Breach – Are You GDPR Ready? – Webinar Recap”
Threat Stack is proud to announce that we have successfully completed a Type 2 SOC 2 examination for the Security and Availability principles with Schellman & Co for our intrusion detection platform and Oversight Managed Service.
This accomplishment is especially exciting for the Threat Stack team because we were able to pass our first SOC 2 examination with zero exceptions — without having taken the organization through any similar experiences before — underscoring our commitment to maintaining rigorous security standards in our company’s technology, processes, and personnel along with the highest level of security and privacy for our customers.
In this post, we want to share highlights of Threat Stack’s SOC 2 journey — why we chose this standard, the process we followed, and our commitment to our customers. In upcoming posts we’ll provide more detailed specifics as our customers go through similar journeys. Read more “Threat Stack Successfully Completes Type 2 SOC 2 Examination”
The Winter Olympics haven’t even started, but Threat Stack has already taken home two Golds and a Bronze in the 2018 Cybersecurity Excellence Awards.
The Awards, which were announced yesterday, honored Threat Stack with:
- Gold for Intrusion Detection & Prevention
- Gold for Insider Threat Detection
- Bronze for Best Cybersecurity Startup
Read more “Threat Stack Takes Home Gold in the 2018 Cybersecurity Excellence Awards”