Latest Blogs

Cloud Security Insights, Thoughts, and Ideas

2 Min Read
A Threat Stack SOC Analysis: The Continuing Evolution of the Shellbot Cryptomining Malware

Ethan Hansen

May 15, 2019

Update: Threat Stack Presents Threat Briefing On New Cryptomining Shellbot Malware Variant Available: On demand About This Threat ...

5 Min Read
Cloud Security Observability: How to Reduce Risk in Your Cloud-Native Infrastructure

Natalie Walsh

May 7, 2019

Security Observability has become an important concept recently as companies have started building software with a cloud-native mindset, embracing ...

4 Min Read
Beyond Checkboxes: 6 Cloud Security Measures All Healthcare Organizations Should Take

Tim Buntel

May 2, 2019

Modern healthcare is a full participant in the digital economy, and personal health information (PHI) is at its center. But today’s digital ...

4 Min Read
AWS HIPAA Compliance Best Practices Checklist

Mark Moore

April 25, 2019

The Health Insurance Portability and Accountability Act, or HIPAA, is a United States law that seeks to protect the privacy of patients’ medical ...

17 Min Read
50 Best Kubernetes Architecture Tutorials

Natalie Walsh

April 18, 2019

Kubernetes is a multi-functional, container-centric platform for managing workloads and services. Given the fact that containers and container ...

2 Min Read
Go Behind the Scenes of a Docker Cryptojacking Attack

Robin Stone

April 10, 2019

When Threat Stack security analyst Ethan Hansen saw an alert in a customer’s environment that read /temp [RANDOM] cnrig, he knew his afternoon was ...

7 Min Read
Operation Code and Sam Bisbee Talk About Getting Started in Security

Kevin Flike

March 28, 2019

In February 2019, Threat Stack hosted a meetup with the Boston chapter of Operation Code. Operation Code is a 501(c)(3) non-profit intensely focused ...

7 Min Read
If You’re Not First, You’re Last: Risks of Delaying CCPA Compliance

Kevin Kish

March 26, 2019

Introduction — by Lindsey Ullian, Threat Stack Compliance Manager After GDPR went into effect in May 2018, many companies reassessed their ...

5 Min Read
7 Cloud Service Evaluation Criteria to Help You Choose the Right Cloud Service Provider

Todd Morneau

March 21, 2019

The lack of a common framework for assessing Cloud Service Providers (CSPs) combined with the fact that no two CSPs are the same can complicate the ...

3 Min Read
Container Security Tips and Best Practices

Miguel De Los Santos

March 19, 2019

Containers provide very important functionality: They package various software applications in “containers” to ensure that they are able to run ...

6 Min Read
How to Achieve Full Stack, Multi-Cloud Security Observability

Christopher Ford

March 14, 2019

You probably know AWS as the leading cloud platform provider. These days, however, many companies are using additional cloud providers as well. ...

6 Min Read
How to Track Agent-Based User Activity

Ethan Hansen

March 12, 2019

More often than not we'll need to go beyond a Severity 1 alert to figure out what a user (including a potentially malicious attacker) was doing on a ...

6 Min Read
How to Understand Your Attacker’s Mindset

Aakash Prasad

March 7, 2019

In this post we’ll try to develop an understanding of a typical attacker’s mindset and then show you how companies like yours can use this ...

2 Min Read
The Economic Impact of Threat Stack – A Forrester Research Study

Natalie Walsh

March 6, 2019

Cost Savings and Business Benefits Enabled by Threat Stack When investing in cloud security platforms and services, businesses naturally want to ...

3 Min Read
New PCI Standards for New Ways of Building Software

Tim Buntel

March 5, 2019

This post explains how the PCI Security Standards Council has introduced its new PCI Software Security Framework to align PCI with modern software ...

3 Min Read
How to Cut Through Vendor Claims & Marketing Hype When Evaluating New Security Tools

Nathan Cooprider

February 28, 2019

As we’ve pointed out in a couple of recent blog posts, Machine Learning (ML) has been billed as a savior for short-staffed security teams — a ...

2 Min Read
Scala Regex String Extraction

Alfredo Perez

February 26, 2019

Introduction — Joe Baker, Manager Software Engineering From time to time the Engineering, Operations, and Security groups at Threat Stack ...

4 Min Read
The Promise of Machine Learning vs. The Reality of Human Assisted Learning

Natalie Walsh

February 21, 2019

Machine Learning (ML) has been around in one form or another for a long time. Arthur Samuel, started working in the field in 1949 and coined the term ...

3 Min Read
Threat Stack Successfully Completes Type 2 SOC 2 Examination With Zero Exceptions — Again!

Lindsey Ullian

February 20, 2019

For the second year in a row Threat Stack has achieved Type 2 SOC 2 Compliance in Security and Availability with zero exceptions. We’re justifiably ...

5 Min Read
How to Identify Threats Within Your Docker Containers

Nathan Cooprider

February 19, 2019

Now is a good time to review Threat Stack’s Docker integration in the wake of the recent runc CVE. The headline reporting gets a little hyperbolic, ...

3 Min Read
The Difference Between Security Trick Plays and Security Fundamentals

Nathan Cooprider

February 14, 2019

I like watching great football plays on YouTube, but I especially like watching trick plays where players sell some sort of deception so their ...