5 SecOps Processes to Try Today

DevOps has enabled businesses to bring products to market faster than ever before. But what about security?

In our recent survey, Refocusing Security Operations in the Cloud Era, 36% of businesses said their top IT goal over the next year is to respond to business needs faster. Conversely, only 10.5% prioritized improving security as their top goal.

There is a misconception that businesses can’t move both quickly and securely. But with SecOps best practices, businesses can move away from the ad hoc, reactive tactics that slow things down, and replace them with repeatable processes that effectively support teams and products. Let’s explore. Read more “5 SecOps Processes to Try Today”

New SecOps eBook for Cloud Infrastructure – A Practitioner’s Guide for Security & Ops Teams

— Shifting From DevOps to SecOps —

Organizations of all sizes have embraced DevOps as a way to deliver work quickly and reliably — but security has often fallen by the wayside in the quest for speed. In a recent survey, 85% of respondents stated that SecOps practices are important, only 35% said it’s a completely or mostly established practice in their organizations, and 18% admitted that SecOps is not established at all.

So what’s the hold up to SecOps adoption? Typically, it’s a concern that security will slow down business.

In our latest playbook — SecOps Playbook for Cloud Infrastructure, Part II: A Practitioner’s Guide for Security & Ops Teams — we offer tips on how to systematically integrate security best practices into DevOps — without sacrificing speed or security.

Read more “New SecOps eBook for Cloud Infrastructure – A Practitioner’s Guide for Security & Ops Teams”

Top 4 Questions to Ask About Compliance, Security, and Containers

Introducing containers into cloud infrastructure can lead to faster development cycles as well as more efficient use of infrastructure resources. With these kinds of competitive advantages, it’s no wonder why container orchestration platforms like Kubernetes are so popular. In fact, Gartner estimates that 50 percent of companies will use container technology by 2020 — up from less than 20 percent in 2017.

While the value and popularity of containers are undeniable, deployments have opened up a whole new set of infrastructure security concerns for Development and Operations teams. This is why more and more companies are focusing on container security to ensure that they don’t ship software with known vulnerabilities, to protect sensitive data, and to maintain compliance with industry-specific regulations such as HIPAA, PCI, or SOC 2. Resources like the Center For Internet Security (CIS) benchmark reports on Kubernetes or Docker provide comprehensive, objective guidelines for organizations transitioning to containers.

In this post, we’ll walk through some of the top questions you need to ask when thinking about establishing security and maintaining regulatory compliance in a container infrastructure environment. Read more “Top 4 Questions to Ask About Compliance, Security, and Containers”

50 Useful Docker Tutorials for IT Professionals (from Beginner to Advanced)

Containers bring many benefits to DevOps teams along with a number of security concerns. This post brings you details about 50 Docker training resources that are designed to train beginner, intermediate, and advanced practitioners on current knowledge about Docker. Read more “50 Useful Docker Tutorials for IT Professionals (from Beginner to Advanced)”

Threat Stack Announces General Availability of Its Docker Containerized Agent

Last month we announced that a containerized version of the Threat Stack Agent was coming soon for customers who are using containers to deploy cloud workloads. Today, we are excited to announce that our Docker Containerized Agent is now generally available up on Docker Hub. As cloud infrastructure shifts more heavily towards containers, we are pleased to bring this option to market as a way to gain unmatched visibility into the entire infrastructure — hosts, containers, and the control plane — to ensure that our customers have the best cloud security monitoring and alerting in place across all their assets. Read more “Threat Stack Announces General Availability of Its Docker Containerized Agent”

22 Most Under-Used AWS Security Metrics

22 AWS Security Pros Reveal the Most Underused/Under-Appreciated AWS Security Metrics

AWS offers a variety of built-in security features that users can take advantage of, but it’s easy for users of all experience levels to get lost in the sea of options and metrics. In fact, in a November 2017 survey, we found that 73% of companies have critical AWS cloud security misconfigurations, and more than one-fourth (27%) were not taking advantage of AWS-native security services like CloudTrail. (Misconfigurations are considered critical if they reduce or eliminate visibility for security or compliance, if they can be leveraged in a direct or complex attack, or if they enable trivial attacks on an AWS console.)

As an AWS Advanced Security Competency Partner, Threat Stack integrates deeply into AWS to provide its customers with unprecedented visibility, more advanced security capabilities, and a cloud-native user experience. Threat Stack’s CloudTrail integration, for instance, bridges the visibility gap between your AWS services and the core systems running in your cloud, giving you automatic alerts about changes to your instances, security groups, S3 buckets, and access keys.

Visibility is essential for sound AWS security, and continuously monitoring your security metrics is a must. Still, while many users understand the importance of ongoing monitoring, many AWS security metrics go underutilized (or ignored). To gain more insight into these important, yet often overlooked security metrics, we reached out to a panel of AWS security experts and asked them to answer this question:

“What’s the most under-used / under-appreciated metric when it comes to AWS security?”

Read more “22 Most Under-Used AWS Security Metrics”

Creating Custom CloudTrail Rules in Threat Stack

The Threat Stack CloudTrail Base Ruleset has several out-of-the-box rules that alert users on activity within some of  AWS’s most popular services (also the ones most prone to attack), including S3, IAM, Glacier, and Lambda. Given that AWS has over 100 services, we want to arm you with the ability to create custom CloudTrail rules in the Threat Stack Cloud Security Platform® based on the specific AWS services you leverage.

In this post, we cover three examples of one of Threat Stack’s most powerful capabilities — the ability to create, clone, and edit CloudTrail-specific rules. We briefly discuss the scenario that explains why we’re crafting the rule and why it’s important to our organization; we also look at the methodology for creating the rule; and finally we test the rule to make sure it works.

In the three examples that follow, we explain how to create custom rules for Route53, DynamoDB, and EBS Volumes. Read more “Creating Custom CloudTrail Rules in Threat Stack”

50 Best Cloud Security Podcasts

Some of the earliest podcasters were influencers in the technology and online space. For well over a decade, programs that specifically discuss security news and topics have been keeping people up to date on data and systems safety. For many, it’s the ideal medium to learn about the latest happenings in the industry via a convenient and enjoyable format.

With that in mind, we have put together a listing of 50 of the best cloud security podcasts we know about. The hosts and programs on the list are experts from many different technical backgrounds. Their content can benefit professionals in security, programming, or almost any technical role. So whether you’re in a security role or just find yourself interested in some of the big data news that seems to be looming ever larger, you’ll find them useful and, oftentimes, entertaining.

Note: Our list of podcasts is not ranked in terms of perceived value or quality of content. What we have provided is a brief description of each of the podcasts as well as three pertinent episodes for each that you may want to download.

Before we dive into our podcast list, we want to call out two podcasts:

Read more “50 Best Cloud Security Podcasts”

Join Threat Stack at “Builders of Tomorrow”

Making a Secure Transition to Containers

September 27 | LEGOLAND | Somerville, MA

We’re super excited to announce our upcoming event — Builders of Tomorrow  — a container security meetup at LEGOLAND in Somerville, MA.

Come hear from a rockstar team of container security leaders including:

  • Todd Morneau, Director of Product at Threat Stack
  • Jay Vyas, core contributor to Kubernetes and technologist at Black Duck
  • Hemant Kapoor, Global Head of SRE at Wayfair
  • Kevin Landt, Director of Product Management, OpsGenie
  • Ryan Wallner, Technical Manager Portworx

We also have a surprise guest speaker you won’t want to miss!

This will be our first security-driven container event. Builders of Tomorrow is the only event that brings engineers, IT managers, SREs, and thought leaders together in a single forum to explore how teams can scale and secure modern applications in a transitioning world.  

Builders of Tomorrow

Where: LEGOLAND Discovery Center Boston: 598 Assembly Row, 2nd Floor, Somerville, MA

When: Thurs, September 27, 2018, 5:00 – 9:00 p.m. EDT

Registration: If you haven’t registered already, reserve your tickets now.

What to Expect

The event will feature a mix of thought provoking sessions, expert panels, and hands-on build workshops with industry leaders and hands-on practitioners alike.

Between sessions, attendees will have the opportunity to exchange ideas with their peers and network at one of the most exciting venues in the Boston area.

Did we mention we have access to all LEGOLAND exhibits/attractions including?

  • Build Center
  • Lego Themed Escape Room
  • Roller Coaster
  • Star Wars Episode 2 Exhibit
  • Full Catered Beer, Wine, and Food

Sign up today and we’ll see you on September 27!

Security by Design or by Accident

Security has such a large number of subtopics that it’s sometimes difficult to define what the field looks like as a whole. It means something vastly different to a Security Engineer, a CISO, and a Developer. Realistically, at most companies, Security is the prevention of leaking customer data or exposing secrets. Usually this manifests as “let’s make sure only the logged-in user can view this information” or “make sure the password is stored securely.” These are important, but they don’t cover enough. Read more “Security by Design or by Accident”