Understanding Cryptojacking — Why It Matters to You and How to Defend Against It

Security researchers have recently uncovered several high profile cases of cryptojacking involving companies like Tesla and the LA Times. In these incidents, cryptocurrency “miners” illegally gained access to an organization’s public cloud services and exploited their computing power to generate more digital coins.

In this blog post, we’ll give you a basic primer on what cryptomining is, how it’s typically done, and how to avoid unintentionally exposing your company to cryptojackers. Read more “Understanding Cryptojacking — Why It Matters to You and How to Defend Against It”

Threat Stack a Four-Time Winner in 2018 Info Security Products Guide’s Global Excellence Awards

Threat Stack was honored in four categories as winners of the 14th Annual Info Security PG’s Global Excellence Awards® were announced in San Francisco at a gala attended by finalists, judges, and industry peers:

Read more “Threat Stack a Four-Time Winner in 2018 Info Security Products Guide’s Global Excellence Awards”

Three Mistakes Teams Make in Operationalizing Security (and a Better Alternative)

With the challenges presented by today’s cloud security landscape, organizations with limited time and resources are taking a variety of approaches in their attempts to incorporate security into their operations practices. Some approaches work better than others, but none provide the silver-bullet solution that some organizations seek. Below, we’ll explore three popular strategies that sound promising but prove to be problematic — and we’ll propose a better way going forward. Read more “Three Mistakes Teams Make in Operationalizing Security (and a Better Alternative)”

How to Benchmark Your SecOps Maturity and Make Continuous Improvement

Over 50% of companies admit to cutting back on security measures to meet a business deadline or objective, according to our recent SecOps Report. In other words, security is falling by the wayside, even as companies invest heavily in DevOps. With DevOps able to move more swiftly than ever in the cloud, security is often mistakenly viewed as a business decelerator, serving as an impediment to DevOps’ efficiency.

But strong security is not only vital to a healthy business in its own right; it can also speed sales cycles, drive revenue, and clear the way for new business opportunities. The key is integrating security with development and operations workflows and embedding it within business practices from the outset.

To do this, it’s necessary to get all stakeholders on the same page around security goals. One way to do that is to build a shared framework. With the help of the new Threat Stack® Cloud SecOps Maturity Framework, benchmarking your security maturity is a straightforward process of evaluating your strengths and weaknesses, and this enables you to develop a clear and actionable plan to move forward. Read more “How to Benchmark Your SecOps Maturity and Make Continuous Improvement”

Threat Stack Launches Cloud SecOps Program

Security + Operations — Better Together!

Yesterday was a game-changer for Threat Stack and the cybersecurity community! That’s when we launched the Threat Stack Cloud SecOps Program, offering a radical transformation in the way Security and Operations teams can work together.

The Threat Stack Cloud SecOps Program has been purpose-built to give organizations the roadmap, technology, and people they need to integrate Security and Operations. Now companies of all sizes can securely leverage modern infrastructure and DevOps at scale!

To see for yourself, take a look at the following video where core members of the Threat Stack team give insights into the what, why, and how: Read more “Threat Stack Launches Cloud SecOps Program”

The Threat Stack Cloud SecOps Program: Why We Built It & How It Can Help Your Organization Become More Secure

An Interview With Brian M. Ahern

Cybercrime stands out as the greatest threat posed to every business around the world today. That’s fact, not FUD. Cybercrime is forecast to cost organizations around the globe $6 trillion annually by 2021, doubling its toll from 2015. To put it plainly, this represents the greatest economic wealth transfer in history, and cements cybercrime as a more profitable enterprise than the entire global illegal drug trade.

If you want to build an organization that will survive this onslaught intact, then the question you must answer today is: “What is your team doing to proactively reduce and remediate your security risks?

To help you answer that question, we are thrilled to announce our brand-new Threat Stack Cloud SecOps Program℠. This new program empowers organizations to revolutionize the way security and operations teams collaborate, proactively fortify infrastructure, and reduce attack surface. The program enables companies of all sizes to minimize their risk profiles without straining security or operations teams. And it accomplishes these goals by applying DevOps principles (like shared KPIs, automation, and continuous feedback) to security. Read more “The Threat Stack Cloud SecOps Program: Why We Built It & How It Can Help Your Organization Become More Secure”

Threat Stack Introduces Rapid Baselining — Transforming Data Into Actionable Intelligence

One of the biggest challenges with alert-based IDS solutions is handling the sheer volume of alerts that can be generated on a daily basis. Teams need a way to navigate this data so they can quickly and effectively hone in on the critical details that indicate anomalous activity and tune alerts that are unique to their environment — thereby ensuring ongoing protection against threats and continuously enhancing their organization’s security posture.

At Threat Stack, we have always made sure that customers are seeing the most important security alerts so they can run efficient workflows. To strengthen that capability, we have just introduced Rapid Baselining — a new feature that groups alerts based on the associated rule. By leveraging the metadata within the alerts, we add deeper intelligence to the alert information. Read more “Threat Stack Introduces Rapid Baselining — Transforming Data Into Actionable Intelligence”

High Visibility Ahead: Building and Using Orchestration to Set Security Priorities

At Threat Stack, we use our own intrusion detection platform to protect Threat Stack. This gives us critical visibility into security events and alerts tied to our AWS infrastructure and instances, an all too popular target. But our infrastructure extends beyond AWS into additional vendor-managed solutions such as Cloudflare, SalesForce, corporate email, and others. So a key question is: How can we not only monitor those platforms, but also use the data from these logs to drive security priorities?

With that in mind, we set out to create a new custom internal app that can receive, store, and perform actions on information from all of these different sources. We opted to build this internal pipeline (some would call this security orchestration) instead of buying an off-the-shelf product because our security team indexes so highly on engineering and programming. We felt we could take an event-driven framework in a language we all knew and easily extend it to meet our needs, incorporating our internal detection and automated response frameworks, a choice we would not have made if our team or organization looked different. Read more “High Visibility Ahead: Building and Using Orchestration to Set Security Priorities”

Enhancing the Power of Your SIEM With Threat Stack’s Intrusion Detection Platform

Trying to manage security with only one security tool (or, for example, having to use log files alone) can be a major headache. The right combination, however — like a SIEM coupled with an intrusion detection platform — can produce great results, including better data, smaller amounts of data, shorter processing times, and lower operating costs. Read more “Enhancing the Power of Your SIEM With Threat Stack’s Intrusion Detection Platform”