We believe Threat Stack’s cloud security approach is validated by
inclusion in Gartner’s “Market Guide for Cloud Workload Protection Platforms” Report
Read more “Threat Stack Included in Gartner Market Guide for Cloud Workload Protection Platforms Report”
At Threat Stack we are continuously enhancing the Cloud Security Platform® to improve your ability to identify and respond to threats. We have just added an “Alert Trends” view that lets you quickly and easily see spikes in alerts, enabling faster detection of anomalous behaviors. Read more “Threat Stack Introduces Alert Trends”
In previous posts we have described how Threat Stack can help demonstrate compliance, for example with PCI and FFIEC guidance, HIPAA, SOC 2, and other compliance frameworks. (See the Resources section below.) To assist our customers with these initiatives, we have created sample compliance rule sets that can be used to generate alerts that are mapped to specific requirements of these frameworks.
In this post we explain how to leverage the Threat Stack API to create reports of alerts from specific rule sets that can be given to auditors to help demonstrate compliance, used internally, or shared with customers. Read more “How to Generate Compliance Alert Reports Using the Threat Stack API”
Continuing our commitment to improving the user experience, we are announcing the most recent enhancement to AWS Configuration Auditing — the ability to view multiple AWS accounts from one central location.
- If you are a current customer, this feature will be updated automatically.
- If you’re not yet a Threat Stack customer, the links at the bottom of this post will give you excellent insights into the capabilities of Threat Stack’s AWS Configuration Auditing.
Read more “Configuration Auditing Adds Single View for Multiple AWS Accounts”
Amazon Web Services, the ubiquitous cloud infrastructure provider, has made it increasingly easy for businesses to move to the cloud and take advantage of the scalability, flexibility, and cost savings this approach offers. For some businesses that are contemplating the move to AWS, you may be wondering whether it’s necessary to have a team of developers who can help to ensure that you are capable of running securely on AWS.
The short answer is: You don’t need to start from scratch when it comes to security, and you don’t need to have extensive coding resources in-house to run securely on AWS. With the right tools at your disposal, you can quickly measure compliance with your unique security policy and adapt to changes in your environment as needed.
Here’s what you need to know to run securely on AWS, with or without a legion of development resources at your disposal.
Read more “Why You Don’t Need to Code to Run Secure on AWS”
The Product Team at Threat Stack is always on the lookout for ways — big and small — that we can make the Threat Stack experience smoother and easier for our users. Recently we rolled out a small UI change that makes a big difference in helping you triage your AWS Configuration Auditing results.
Since we released AWS Configuration Auditing at the end of last year, we’ve had a great response to the feature from new and existing customers alike. But as the feedback rolled in, one theme caught our attention: At a glance, users were taking a while to discern where their focus was most needed — in other words, which violations to remediate first. We wanted to learn more. Read more “Small Details, Big Impact: Improving Configuration Auditing”
The Threat Stack Cloud Security Platform® is an important tool for companies with cloud compliance initiatives, including HIPAA, PCI, SOC 2, and FFIEC. To help our customers with these initiatives, Threat Stack has released four new example rulesets with monitoring rules that map to each of these compliance frameworks. This post is an introduction to these rule sets, and explains how to:
- Request the rule sets
- Use the compliance rule sets
- Customize compliance rules
- Create new compliance rules
(If you’re not a customer, this post will give you an excellent insight into one of Threat Stack’s powerful characteristics — the ability to create, clone, and edit rules in order to reflect the specific nature of your environment.) Read more “Working With Threat Stack Sample Compliance Rule Sets”
Today Threat Stack is excited to announce a powerful and easy-to-use new feature of the AWS Configuration Auditing capabilities — the Guided Rules Editor for AWS Configuration Auditing. With the Guided Rules Editor, available in the Threat Stack Audit Plan, users can quickly tailor AWS Configuration Auditing rulesets to their organization’s specific security policies and adapt to changes in their environment.
Read more “Write Your Own AWS Configuration Auditing Rules With Threat Stack’s Guided Rules Editor”
PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council to protect cardholder data. Threat Stack customers frequently ask us how Threat Stack can help them comply with these two sets of requirements:
- Requirement 10: Track and monitor all access to network resources and cardholder data (in other words, determine the who, what, where, and when)
- Requirement 11: Regularly test security systems and processes (in order to continuously monitor and test security controls)
The good news is that the following Threat Stack features can provide significant benefits to customers who need to satisfy PCI Compliance Requirements 10 and 11:
- Configuration Auditing
- Vulnerability Scanning
- Rules monitoring file integrity, logins, network access, and threat intelligence activity
In the remainder of this post, we’ll demonstrate how these can help you meet your PCI compliance and security goals. Read more “Demonstrating PCI Compliance Using Threat Stack”
Threat Stack customers receive a great deal of value from our Linux File Integrity Monitoring (FIM), and we have now extended that capability to S3.
Many of our AWS customers are storing their critical files on S3, and for various security and compliance reasons, those files need to be monitored to see if any are being accessed, altered, or deleted.
To help ensure the integrity of the files in S3 buckets, Threat Stack now supports alerting on access and changes to files in specific buckets. AWS now has capabilities for putting object level access into CloudTrail events, and we have added rules to our base rule set to support that feature. Read more “New Threat Stack Feature: S3 File Integrity Monitoring”