Latest Blogs

Cloud Security Insights, Thoughts, and Ideas

3 Min Read
6sense Case Study: Protecting Customer Data & Meeting SOC 2 Compliance

Threat Stack Marketing Team

April 21, 2015

We recently spoke with Threat Stack customer Jameel Al-Aziz, DevOps/Software Engineer for 6sense, and developed the following case study that ...

3 Min Read
A Deep Dive on Threat Stack: Recap of our Live Product Q&A

Kristin Dziadul

March 26, 2015

This week our product team, led by Chris Gervais, Threat Stack’s VP of Engineering, and Aaron Botsis, Threat Stack’s Product Manager, hosted a ...

< 1 Min Read
Get The Inside Scoop: Join Our Live Product Q&A Webinar

Threat Stack Marketing Team

March 11, 2015

Whether you’re a current Threat Stack customer or not, there is a lot you’ll be interested to learn in regards to proactively protecting your ...

5 Min Read
Who Watches the Watchmen? Securing Configuration Management Systems

Jen Andre

February 24, 2015

This is part of a series we’re calling ‘Securing Modern Infrastructure’, where we explore the implications of modern development and operations ...

5 Min Read
Implementing Better DevOps Security: Expert Perspectives

Kristin Dziadul

February 13, 2015

On Wednesday, Threat Stack was featured in an important GigaOM webinar panel, Iron Clad DevOps Security for Your EC2 Environments. The panel included ...

5 Min Read
3 Reasons Why the Host Rules Cloud IDS

Sam Bisbee

February 5, 2015

To truly appreciate why companies like Threat Stack point to the Cloud as a watershed event in their corner of the software industry, one must push ...

2 Min Read
Our 2014 Retrospective

Doug Cahill

January 21, 2015

As we prepare to move across the muddy Charles River from Cambridge to our new offices in Boston’s Innovation District, I find myself reflecting on ...

4 Min Read
The 12 Days of SecDevOps

Jen Andre

December 24, 2014

(Note: The full version of this post is on the SysAdvent blog. Below is a summary.) ...

< 1 Min Read
A New Way to See Your EC2 Environment

Aaron Botsis

December 22, 2014

For companies using AWS for their cloud infrastructure, one of the biggest challenges faced by infrastructure teams is the ability to get a complete ...

4 Min Read
The Linux “Grinch” Vulnerability: Separating Fact From FUD

Jen Andre

December 18, 2014

Recently, a security firm reported what they claimed to be a flaw with a major impact on organizations running Linux. (And apparently since all the ...

3 Min Read
Deconstructing Shellshock To Prepare For the Next One

Threat Stack Marketing Team

December 11, 2014

Yesterday, our Co-Founder and Chief Scientist, Jen Andre, and CEO, Doug Cahill, hosted a live webinar, “Preparing for the Next Shellshock.” ...

2 Min Read
We’ve Raised $5M in Funding To Further Protect Cloud Environments From Intrusions & Data Loss

Doug Cahill

December 10, 2014

We’re thrilled to announce today that we have raised an additional $5M in funding from Atlas Venture and .406 Ventures. The funding will be used to ...

4 Min Read
4 Steps To Effectively Integrate DevOps Workflows With Cloud Security Practices

Pete Cheslock

November 24, 2014

I’ve spent most of my career in Operations, and the last 5 years at various organizations advocating and instilling DevOps principles in the teams ...

2 Min Read
Announcements and Highlights: Threat Stack at AWS re:Invent 2014

Kristin Dziadul

November 20, 2014

We just returned from a great week in Las Vegas, NV for the AWS re:Invent Conference. The conference brought together over 13,500 developers, ...

5 Min Read
Bringing Infosec Into The DevOps Tribe: Q&A With Gene Kim

Pete Cheslock

October 8, 2014

Last week, I had a call with Gene Kim, founding CTO of Tripwire and author of The Phoenix Project (see end of post for more details). ...

3 Min Read
CVE-2014-6271 And You: A Tale Of Nagios And The Bash Vulnerability

Jen Andre

September 25, 2014

The internet is yet again feeling the aftereffects of another “net shattering” vulnerability: a bug in the shell ‘/bin/bash’ that widely ...

4 Min Read
8 Patterns For Continuous Code Security

Chris Wysopal

August 6, 2014

Guest post by Chris Wysopal, CTO at Veracode  ...

3 Min Read
Who Gets Access to Production?

Sam Bisbee

July 23, 2014

This is the third installment in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in ...

4 Min Read
The Case for Continuous Security

Pete Cheslock

July 16, 2014

This is the second post in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in our ...

3 Min Read
Cloud Security Is Always Your Responsibility

Jen Andre

December 18, 2013

Too many times we hear and read about how insecure the cloud is or worse — that the cloud is already secure because IaaS providers have ...