Latest Blogs

Cloud Security Insights, Thoughts, and Ideas

4 Min Read
The 12 Days of SecDevOps

Jen Andre

December 24, 2014

(Note: The full version of this post is on the SysAdvent blog. Below is a summary.) ...

< 1 Min Read
A New Way to See Your EC2 Environment

Aaron Botsis

December 22, 2014

For companies using AWS for their cloud infrastructure, one of the biggest challenges faced by infrastructure teams is the ability to get a complete ...

4 Min Read
The Linux “Grinch” Vulnerability: Separating Fact From FUD

Jen Andre

December 18, 2014

Recently, a security firm reported what they claimed to be a flaw with a major impact on organizations running Linux. (And apparently since all the ...

3 Min Read
Deconstructing Shellshock To Prepare For the Next One

Threat Stack Marketing Team

December 11, 2014

Yesterday, our Co-Founder and Chief Scientist, Jen Andre, and CEO, Doug Cahill, hosted a live webinar, “Preparing for the Next Shellshock.” ...

2 Min Read
We’ve Raised $5M in Funding To Further Protect Cloud Environments From Intrusions & Data Loss

Doug Cahill

December 10, 2014

We’re thrilled to announce today that we have raised an additional $5M in funding from Atlas Venture and .406 Ventures. The funding will be used to ...

4 Min Read
4 Steps To Effectively Integrate DevOps Workflows With Cloud Security Practices

Pete Cheslock

November 24, 2014

I’ve spent most of my career in Operations, and the last 5 years at various organizations advocating and instilling DevOps principles in the teams ...

2 Min Read
Announcements and Highlights: Threat Stack at AWS re:Invent 2014

Kristin Dziadul

November 20, 2014

We just returned from a great week in Las Vegas, NV for the AWS re:Invent Conference. The conference brought together over 13,500 developers, ...

5 Min Read
Bringing Infosec Into The DevOps Tribe: Q&A With Gene Kim

Pete Cheslock

October 8, 2014

Last week, I had a call with Gene Kim, founding CTO of Tripwire and author of The Phoenix Project (see end of post for more details). ...

3 Min Read
CVE-2014-6271 And You: A Tale Of Nagios And The Bash Vulnerability

Jen Andre

September 25, 2014

The internet is yet again feeling the aftereffects of another “net shattering” vulnerability: a bug in the shell ‘/bin/bash’ that widely ...

4 Min Read
8 Patterns For Continuous Code Security

Chris Wysopal

August 6, 2014

Guest post by Chris Wysopal, CTO at Veracode  ...

3 Min Read
Who Gets Access to Production?

Sam Bisbee

July 23, 2014

This is the third installment in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in ...

4 Min Read
The Case for Continuous Security

Pete Cheslock

July 16, 2014

This is the second post in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in our ...

3 Min Read
Cloud Security Is Always Your Responsibility

Jen Andre

December 18, 2013

Too many times we hear and read about how insecure the cloud is or worse — that the cloud is already secure because IaaS providers have ...