Magic for DevOps Teams — Threat Stack Announces Containerized Agent

Every day, malicious actors are taking more complex routes into cloud infrastructure and leveraging increasingly covert traits to persist for longer periods of time. As Dark Reading put it in a recent article, “Attackers are abusing the characteristics of cloud services to launch and hide their activity as they traverse target networks.” With the rapid adoption of containers and orchestration tools as part of that infrastructure, organizations are presented with yet another layer to protect from these complex attacks.

Containers bring many advantages to DevOps such as easier write-test-deploy cycles, flexibility to explore new frameworks, and a simpler way to make updates to individual resources or a range of components in your applications. As more teams move towards containerized workloads, DevOps teams expect the security tools they leverage to keep pace without slowing them down.

To ensure alignment with those expectations, Threat Stack is excited to announce a containerized agent that will be available to customers next month. The containerized agent will provide the deployment and velocity benefits of containerization while concurrently monitoring and alerting on container activity across the entire infrastructure, no matter where customers fall on the container adoption spectrum. Read more “Magic for DevOps Teams — Threat Stack Announces Containerized Agent”

Lessons in Resilience: A Conversation on Security at REdeploy 2018

I spent last week out in San Francisco at REdeploy to learn about Resilience Engineering and what it means to build solid, sustainable infrastructures, organizations, and teams. This was the first conference of its type, and it did not disappoint.

While there was an incredible lineup of speakers, the real value, in my opinion, came from the engagement and discussions that took place after the on-stage talks. Not only did the speakers and attendees mingle at every break, but the conference organizers also hosted a speaker panel at the end of each day where attendees could ask questions, and the speakers themselves could discuss some of the themes presented throughout the day. I eagerly took advantage and sat down with a few people to find out what Security means for Resilience Engineering. Read more “Lessons in Resilience: A Conversation on Security at REdeploy 2018”

Why Kubernetes is Not a Silver Bullet

Container adoption is on a meteoric rise. Gartner estimates that 50 percent of companies will use container technology by 2020, up from less than 20 percent in 2017. It’s not hard to see why — containers’ offer greater DevOps flexibility along with an optimized build/deployment pipeline.

The surge in container adoption is the driving force behind a new phenomenon in developer circles that we at Threat Stack lovingly refer to as “Kubernetes FOMO.” Eager to get on board with the most popular orchestration platform around, organizations are jumping on the Kubernetes bandwagon.

And why not? Kubernetes speeds container deployment and enables the management of multi-container clusters at scale. It allows for continuous integration and delivery; handles networking, service discovery, and storage; and has the ability to do all that in multi-cloud environments.  

Some would call Kubernetes a silver bullet in the world of container deployment and management, but that doesn’t mean it comes without security concerns. In this post, we’ll discuss a few things to watch out for if you’re considering a move to Kubernetes, as well as some tips on ensuring that your infrastructure remains secure during a transition. Read more “Why Kubernetes is Not a Silver Bullet”

3 Things to Know About Kubernetes Security

Gartner estimates that 50 percent of companies will use container technology by 2020, up from less than 20 percent in 2017. The operational benefits of containers, including optimized build times and more efficient use of infrastructure resources, have caused a surge in interest in container orchestration platforms like Kubernetes. At the same time, Kubernetes deployments have opened up a whole new set of infrastructure security concerns for Development and Operations teams.

For teams just getting started with Kubernetes deployments, here’s an overview of three things you need to know about securing your infrastructure from the outset. Read more “3 Things to Know About Kubernetes Security”

Why an Infrastructure Transition is the Perfect Time to Invest in Security

You’re in the midst of an infrastructure transition, and you have a million and one things on your plate. Whether you are deploying containers for the first time or configuring your orchestration tool, dealing with evolving infrastructure can be overwhelming, so security can surely wait, right? Wrong!

The problem with delaying security until your new infrastructure is up and running is the exposure risk your organization will have in its environments. When you put off security until a crisis occurs, you miss the important strategic advantages gained by integrating a security program into your operations from Day 1. Meanwhile, as security sits on the backburner, your new infrastructure is left perilously exposed.

Remediating an attack is always more troublesome, costly, time consuming, and damaging than getting security right in the first place. Therefore, it’s vital to build a culture of security from the beginning and to continuously reinforce it. Here are three reasons why the perfect time to invest in security is when you’re transforming your infrastructure. Read more “Why an Infrastructure Transition is the Perfect Time to Invest in Security”

Infrastructure in Transition: Securing Containers

Organizations are migrating from virtual server workloads to containers at a frenzied pace, buying into the increasingly popular technology and taking advantage of containers’ many benefits in terms of agility. The application container market is set to explode, according to 451 Research: Annual revenue is expected to increase by 400% over a period of five years, growing from $749 million in 2016 to more than $3.4 billion by 2021.

It’s not hard to see why. Containers are simple to deploy and provide users with greater operational flexibility and compute density, resulting in an optimized build pipeline. Turning to a container orchestration platform, such as Kubernetes, removes an additional layer of operational complexity for even greater ease of deployment and management.

However, a transition in infrastructure is never simple, and along with the advantages come new security challenges. In this post, we’ll discuss some of the risks you should consider before diving headfirst into a container environment, as well as some solutions for mitigating them. Read more “Infrastructure in Transition: Securing Containers”

Q&A With Pat Cable: How Threat Stack Secures Evolving Infrastructure

With the popularity of container environments on the rise, we’ve seen many Threat Stack customers undergoing infrastructure transitions of late. Whether they’re deploying containers for the first time or moving to container orchestration platforms, the shift is one that requires careful consideration when it comes to security. Often, however, organizations just don’t know where to begin in terms of integrating security with their evolving infrastructure.

Recently, I sat down with Pat Cable, Threat Stack’s Senior Infrastructure Security Engineer, to get his point of view on the challenges posed by evolving infrastructure and how Threat Stack can help ensure a secure transition. Read more “Q&A With Pat Cable: How Threat Stack Secures Evolving Infrastructure”

High Visibility Ahead: Building and Using Orchestration to Set Security Priorities

At Threat Stack, we use our own intrusion detection platform to protect Threat Stack. This gives us critical visibility into security events and alerts tied to our AWS infrastructure and instances, an all too popular target. But our infrastructure extends beyond AWS into additional vendor-managed solutions such as Cloudflare, SalesForce, corporate email, and others. So a key question is: How can we not only monitor those platforms, but also use the data from these logs to drive security priorities?

With that in mind, we set out to create a new custom internal app that can receive, store, and perform actions on information from all of these different sources. We opted to build this internal pipeline (some would call this security orchestration) instead of buying an off-the-shelf product because our security team indexes so highly on engineering and programming. We felt we could take an event-driven framework in a language we all knew and easily extend it to meet our needs, incorporating our internal detection and automated response frameworks, a choice we would not have made if our team or organization looked different. Read more “High Visibility Ahead: Building and Using Orchestration to Set Security Priorities”

The State of Container Security: What We Learned From Our Survey

Containers are a big topic of conversation right now — and for good reason. They represent a powerful and transformative shift toward infrastructure that can enable flexibility and rapid development unlike anything we’ve seen before. However, as containers continue to proliferate, so do the security and compliance issues that surround them. Many in the market do not fully understand these concerns or how to address them. Our recent report with ESG Strategy Group (Threat Stack Cloud Security Report 2017: Security at Speed & Scale) bore this out.

Containers cannot solve every development or infrastructure problem; they are not the panacea that many believe them to be. But they do offer new opportunities that, when used properly, can move your organization forward. Read more “The State of Container Security: What We Learned From Our Survey”

5 Common Myths Around Moving to Docker

As you probably know by now, containers are a high-priority topic at companies of all sizes. But there are a lot of myths surrounding this technology as well, in part because it is new and unfamiliar territory for most, and simply because the technology is so young.

In this post, we’ll debunk five of the pervasive myths and misunderstandings that surround containers, with a focus on Docker (since it is currently the most widely adopted container technology by a sizeable margin). Let’s dive in. Read more “5 Common Myths Around Moving to Docker”