Today Threat Stack is excited to announce a powerful and easy-to-use new feature of the AWS Configuration Auditing capabilities — the Guided Rules Editor for AWS Configuration Auditing. With the Guided Rules Editor, available in the Threat Stack Audit Plan, users can quickly tailor AWS Configuration Auditing rulesets to their organization’s specific security policies and adapt to changes in their environment.
Read more “Write Your Own AWS Configuration Auditing Rules With Threat Stack’s Guided Rules Editor”
PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council to protect cardholder data. Threat Stack customers frequently ask us how Threat Stack can help them comply with these two sets of requirements:
- Requirement 10: Track and monitor all access to network resources and cardholder data (in other words, determine the who, what, where, and when)
- Requirement 11: Regularly test security systems and processes (in order to continuously monitor and test security controls)
The good news is that the following Threat Stack features can provide significant benefits to customers who need to satisfy PCI Compliance Requirements 10 and 11:
- Configuration Auditing
- Vulnerability Scanning
- Rules monitoring file integrity, logins, network access, and threat intelligence activity
In the remainder of this post, we’ll demonstrate how these can help you meet your PCI compliance and security goals. Read more “Demonstrating PCI Compliance Using Threat Stack”
Threat Stack customers receive a great deal of value from our Linux File Integrity Monitoring (FIM), and we have now extended that capability to S3.
Many of our AWS customers are storing their critical files on S3, and for various security and compliance reasons, those files need to be monitored to see if any are being accessed, altered, or deleted.
To help ensure the integrity of the files in S3 buckets, Threat Stack now supports alerting on access and changes to files in specific buckets. AWS now has capabilities for putting object level access into CloudTrail events, and we have added rules to our base rule set to support that feature. Read more “New Threat Stack Feature: S3 File Integrity Monitoring”
Before we get too far into 2017, we want to take a final look back at 2016 — specifically at some of the great enhancements we made to Threat Stack’s Cloud Security Platform®.
In the security world, 2016 was filled with major incidents, including massive data breaches, nation-state cyber interference, crippling DDoS attacks, and increased numbers of ransomware incidents — along with all the less glamorous, day-to-day security threats that had the potential to impact every cloud-based business in existence. So much for the bad news!
At Threat Stack, 2016 was the year we transformed our best-of-breed Host Intrusion Detection System into the industry’s first cloud-native, end-to-end Cloud Security Platform to deliver a unified view into workloads, infrastructure monitoring, vulnerability management, threat intelligence, and compliance reporting. Read more “A Year in the Life of Threat Stack’s Cloud Security Platform®”
How securely configured is my AWS environment? Have I checked all the right boxes? Have I locked all my doors and windows?
With the release of AWS Configuration Auditing — a major new feature of the Threat Stack intrusion detection platform — Threat Stack is the only cloud security monitoring platform that enables customers to assure that their AWS environment is configured to policy and from there, implement continuous security monitoring, alerting, and investigation at any stage in their company’s cloud maturity lifecycle.
Configuration Auditing enables Threat Stack customers operating in AWS to implement AWS security best practices by automatically auditing current environments and providing an immediate, concise report of configurations that are non-compliant with best practices. Threat Stack then offers steps to remediate the issues and make the AWS environment more secure.
Read more “Threat Stack Broadens Cloud Security Platform With New Configuration Auditing”
In the first part of 2016, Threat Stack’s Product Development team concentrated on its goal of continuing to build a powerful, cloud-based security platform with all the features users need to keep their cloud environments protected as they scale.
More recently, we have focused on our second goal — streamlining workflows in three key areas of our Cloud Security Platform® — to ensure that it is easy to use and customize, thus enabling users to move as fast as possible while they prioritize security issues and strengthen their organization’s security.
In Part 1 of this series I explained how we streamlined our Host Intrusion Detection (HIDS) workflows. In Part 2, I am going to describe improvements we’ve made to workflows in the following two areas:
- Server Management
- Software Vulnerability Assessment and Management
Read more “Threat Stack Cloud Security Platform: Streamlined Workflows, Part 2”
At Threat Stack, we have two high-level goals when it comes to product development. First, we want to continue to build a powerful, cloud-based security platform with all the features users need to keep their cloud environment protected as they scale. And second, we want to create a platform that’s easy to use and customize, so users can move as fast as possible and also strengthen their organization’s security.
In the first part of 2016 we put a large effort into the first goal, increasing the breadth and depth of our feature set, including vulnerability assessment, more powerful investigative tools, etc. Recently we have focused heavily on the second goal, streamlining workflows in three areas of our Cloud Security Platform®:
- Host Intrusion Detection (HIDS) Rules Management
- Management of Servers protected by Threat Stack
- Software Vulnerability Assessment and Management
In this post, I’ll discuss how users can customize HIDS using the streamlined rules management functionality. In a follow-up post, I will talk about streamlined workflows that are now available for server management and software vulnerability assessment and management.
This series explores how good UI design plays a key role in keeping users secure by making them more inclined to trust and use their cloud security systems. In Part 1 and Part 2, we examined the onboarding process and the visual design of Threat Stack’s Cloud Security Platform™. Here, in Part 3, we’ll look at an unsung hero of UX design — front-end performance — and its impact on the UI’s responsiveness to user interactions.
Read more “Better Security Through UX Part 3: Responsiveness & Performance”
In Part 1 of this series, I introduced the theme that good user experience (UX) design can actually promote better security overall, by fostering trust and encouraging people to use their security tools more often. We looked at how Threat Stack approaches this topic through the lens of onboarding, or first-time use. Now we’re going to see how this theme plays out in the overall aesthetics, and visual appeal, of the Threat Stack Cloud Security Platform™.
Read more “Better Security Through UX, Part 2: Visual Design and Emotion”
How effective is a security tool if people don’t like using it?
A fancy floor mop sits in my closet. It’s a Swiffer WetJet, and with one look you can see that its designers prioritized good user experience (UX). The weight, shape, and built-in spray nozzle make cleaning the floor easy, convenient, and — dare I say — almost fun. Before I got it, I had a regular old mop, which was messy, inconvenient, and a hassle to use. My new mop leaves its closet at least 3 times a week; the old one was lucky if it saw the light of day once a month.
Read more “Better Security Through UX, Part 1”