At Threat Stack, we are all about keeping you secure as you scale your business and your infrastructure. That’s why we have added the ability to use AWS EC2 tags to organize and manage the deployment of Threat Stack IDS and FIM rules in your infrastructure.
As soon as you set up our AWS integration, the Threat Stack Cloud Security Platform® , will pull in and process tag information from your entire EC2 fleet. When creating and editing rules, you can assign tags to manage which types of activities Threat Stack monitors for each subset of your hosts. This powerful capability will help you:
- Closely align Threat Stack monitoring with your existing infrastructure classifications. Behavior that is considered normal on one kind of server might be anomalous or risky on another. This functionality helps you seamlessly apply rules based on these classifications, enhancing your alerts with greater context and meaning.
- Reduce dependency on your DevOps team. Rather than relying on your DevOps team to make sure you have the right rulesets applied to the right servers, rules will be added automatically as you scale up.
- Build on Best Practices for AWS Environments. As a best practice, you should already be using AWS tags to classify, organize, and manage your servers. Threat Stack allows you to extend these classifications to secure your environment as it evolves and grows.
Over the next few weeks we’ll bring you more information on using the new EC2 tagging capability. In the meantime, check out this article for an overview of the AWS EC2 tag integration. If you would like to learn more about how Threat Stack can address your security requirements, take a look at our Cloud SecOps Program℠, and feel free to sign up for a demo of the Threat Stack Cloud Security Platform.