‘Tis the Season To Be Proactive, Vigilant, & Transparent

Cyber Monday is here (and for those of us in the cloud security business, it’s also the start of the AWS re:Invent 2017 conference). So given all the strange things that have been happening in our cyber environment, we thought we would once again remind organizations and consumers alike about the need to be proactive and extra vigilant in their security practices. Read more “‘Tis the Season To Be Proactive, Vigilant, & Transparent”

Your Personal Guide to AWS re:Invent 2017

Secure the Strange Things Happening in Your Cloud

Booth #204 | November 27 – December 1 | Las Vegas, NV

Are you attending the AWS re:Invent conference next week?

There’s a lot happening this year, so we thought we’d publish a brief guide to help you get the most out of it.

If you’re not able to attend, stay tuned to our blog. We’ll be providing updates in real time and after the event, we’ll be sharing highlights as well as a few additional goodies. Read more “Your Personal Guide to AWS re:Invent 2017”

The 7 Key Functions of a Modern Intrusion Detection Platform

When you’re making a mental shift away from legacy, on-prem security thinking, you may be wondering what an effective, modern security solution looks like. You may already know that you should prioritize detection and not focus solely on prevention, but what exactly goes into a best-case intrusion detection solution?

The graphic below should help you understand the five key components of intrusion detection. When considering what types of solutions to invest in, you want to make sure you have all of these bases covered from a technical point of view:

Beyond these core capabilities, we recommend that you keep the following  seven major requirements in mind in order to focus on the holistic goals of an IDP. Read more “The 7 Key Functions of a Modern Intrusion Detection Platform”

Join Threat Stack at re:Invent 2017

Secure the Strange Things Happening in Your Cloud

Booth #204 | November 27 – December 1 |  Las Vegas, NV

re:Invent 2017 is coming up fast! Threat Stack started attending in 2014, and the conference just keeps getting better.

We’re honored to be a sponsor again this year, and we’ve planned a lot of fun and informative activities. Here’s a brief preview: Read more “Join Threat Stack at re:Invent 2017”

How Allocadia Uses Threat Stack to Secure Infrastructure & Accelerate Sales

In this guest blog post, Sabino Marquez, Allocadia’s CISO, outlines his company’s experience using Threat Stack. Specifically, he explains how Threat Stack’s intrusion detection platform enabled Allocadia to secure its infrastructure, integrate security into Dev and Ops workflows, and significantly accelerate the sales cycle. Read more “How Allocadia Uses Threat Stack to Secure Infrastructure & Accelerate Sales”

New eBook: Myth Busting Intrusion Detection

Your Guide to Intrusion Detection for Modern Infrastructure

Many organizations that need cloud security are laboring behind a cloud of myths — unable to clearly define their requirements and match them to technology solutions and best practices that will enable them to operate securely at speed and scale in the cloud. Our new eBook — Myth Busting Intrusion Detection — is designed to clarify these issues. Read more “New eBook: Myth Busting Intrusion Detection”

Taking Care of Basics — Lessons From the Boston Cyber Security Summit

This year’s Cyber Security Summit: Boston was a tremendous success. It was rewarding to see so many business leaders, cyber experts, government officials, and thought leaders in one place, all dedicated to advancing the security of our cyber environment.

The event’s mission is to connect C-Suite and Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts.

Parsed out, this meant that the event offered up a lot of valuable insights into the state of cyber security, an exhibit floor filled with leading solution providers demonstrating the latest products and services, and much practical advice on a multitude of security and compliance-related topics.

Threat Stack was honored to be a Gold Sponsor. We were also an exhibitor, and Sam Bisbee, our CSO, was well received for his contribution to one of the main panel discussions.

As usual with these gatherings, there was far too much going on to give a full recap here. However, I do want to focus on some of the highlights from the “Compliance Nightmare” panel, because it reminds us that we should never forget the basics. Read more “Taking Care of Basics — Lessons From the Boston Cyber Security Summit”

How to Secure a Non-Production Environment (Webinar Recap)

“This code is fine, right?”

“It should be…”

“Wait… but what about this configuration?”

“Fine, I’ll test it in dev…”

This conversation sounds all too familiar, right? Your non-production environments are the foundation for the tools, applications, and services you provide to your customers. The history of every code deployment, mistake, and refinement made to create your product can be found there.

While test and dev environments serve a different purpose from production environments, they too, can be open to the outside world and introduce risk if not secured. Chances are, the data you’re storing, analyzing, or processing in non-production environments are just as sensitive as the data you push out to production. So why skimp on security here just because it’s not a production environment?

Yesterday, we hosted a brief webinar (led by our Chris Gervais,  VP of Engineering) focusing on the importance of securing non-production environments and how to do so. In case you missed it, here’s the recording along with a written  recap. Read more “How to Secure a Non-Production Environment (Webinar Recap)”