Latest Blogs

Cloud Security Insights, Thoughts, and Ideas

8 Min Read
Testing Tool Profile: Why Threat Stack Uses ThoughtWorks Gauge

T.J. Maher

October 31, 2019

Threat Stack has numerous tests running daily, verifying that things are working as expected in our Threat Stack Cloud Security ...

7 Min Read
HIPAA Compliance Tips & Best Practices — Factors to Consider When Developing Effective Policies & Procedures

Mark Moore

October 29, 2019

Our last post on HIPAA compliance — HIPAA Compliance Tips & Best Practices — Building Your Foundational Knowledge — provided expert ...

4 Min Read
How to Create a Security Risk Assessment for Containers in 5 Steps

Mark Moore

October 24, 2019

When adopting containers, organizations need to create a risk profile for the types of threats and vulnerabilities they expect to experience. This ...

11 Min Read
HIPAA Compliance Tips & Best Practices — Building Your Foundational Knowledge

Mark Moore

October 22, 2019

The last few years have seen a number of failures in the field of HIPAA compliance and fines that would put many smaller-scale practices out of ...

5 Min Read
NYDFS Cybersecurity Regulation: Two Years Later, Let’s Check-In

Collin Varner

October 16, 2019

Introduction — by Lindsey Ullian, Threat Stack Compliance Manager. Back in 2017, we brought our readers up to date on NYDFS Cybersecurity ...

19 Min Read
20 DevSecOps Pros Reveal the Most Important Considerations in Building a DevSecOps Pipeline

Pan Chhum

October 10, 2019

In a recent Threat Stack report, 44 percent of DevOps professionals we surveyed said that when it comes to security-related issues, they'd have to ...

3 Min Read
Findings From the Threat Stack Q3, 2019 SOC Report

Blaine Connaughton

October 8, 2019

Going ahead, the Threat Stack Security Operations Center (SOC) will be publishing a quarterly report summarizing lessons we’ve learned, trends ...

5 Min Read
Cloud Security Professional Development & Educational Resource Roundup

Bob Allin

October 3, 2019

The flexibility and speed of cloud computing make it enormously appealing to organizations that are looking to leverage a strong competitive edge. As ...

4 Min Read
The Top 3 Security Mistakes SaaS Companies are Making

Stephen Fitzgerald

October 1, 2019

The more data you store, the more attractive you become to cybercriminals, so SaaS companies need to recognize the importance of following security ...

14 Min Read
Industry Experts Provide Tips For Successful Cyber Diligence in M&A

Tim Buntel

September 26, 2019

Mergers and acquisitions can be successful growth strategies for many companies. They bring together customers, IP, and assets — but they also ...

14 Min Read
16 Kubernetes Experts Share the Most Interesting Current Trends to Look for in Kubernetes

Sabin Thomas

September 24, 2019

Kubernetes is a popular DevOps tool thanks to its container-centric environment and portability across infrastructure providers. In 2018, Kubernetes ...

9 Min Read
10 Automated Testing Tools That Threat Stack Uses — and Why

Laura Haiduck

September 19, 2019

All software development projects, whether they’re large or small, can benefit from well-planned and well-executed testing. It’s your way to ...

4 Min Read
4 Things You Need to Know About SOC 2 Compliance

Mark Moore

September 17, 2019

Compliance isn’t as simple as a connect-the-dots exercise. When you consider how fast companies are moving to and expanding in the cloud, and then ...

6 Min Read
Protecting Infrastructure With TLS Client Authentication

Pat Cable

September 12, 2019

Here at Threat Stack we really like Yubikeys — and they’re a critical part of our security program. Many folks know Yubikeys for their ability to ...

7 Min Read
Ten Application Security Terms That Every Developer Should Know

Tim Buntel

September 10, 2019

A few months ago I gave a talk about securing microservices at the Boston Cloud Native Computing Meetup. After the presentation, a young developer (a ...

7 Min Read
HIPAA Compliance Checklist

Mark Moore

September 5, 2019

Any organization that has access to electronic Protected Health Information (ePHI) must comply with HIPAA. If your organization needs to be ...

5 Min Read
How to Address PCI DSS Requirement 6.6 — A Two-For-One Solution From Threat Stack

Tim Buntel

September 4, 2019

The current version of the PCI DSS is 3.2.1, published in May 2018. Requirement 6 states that you must “Develop and maintain secure systems and ...

2 Min Read
Trash Taxi: Taking Out the Garbage in Your Infrastructure

Pat Cable

August 29, 2019

Trash Taxi: A Lifecycle Management Tool for Superuser Discovery & Cleanup ...

6 Min Read
Five Tips On How Testers Can Collaborate With Software Developers

T.J. Maher

August 27, 2019

Whenever I join a new team, my first task is fostering and nurturing a good working relationship with the developers. Why? If there is good chemistry ...

20 Min Read
50 Valuable PCI Compliance Tips

Tim Buntel

August 23, 2019

The Payment Card Industry Data Security Standard (PCI DSS) provides a rigorous security framework and best practices for businesses that store, ...

4 Min Read
How Stratasan Addresses Its Growing Security & Compliance Needs for Healthcare IT and Services Using Threat Stack

Robin Stone

August 20, 2019

Stratasan provides web-based software and professional services that are designed to help healthcare organizations maximize strategic growth ...