Implementing Better DevOps Security: Expert Perspectives

On Wednesday, Threat Stack was featured in an important GigaOM webinar panel, Iron Clad DevOps Security for Your EC2 Environments. The panel included our own Director of Ops and Support, Pete Cheslock, along with David Linthicum of GigaOM, Greg Ferro, Independent Analyst, and Matt Sarrel, Executive Director of Sarrel Group. It was a deeply informative hour-long discussion which David himself claimed as one of the best security webinars he’s had. We couldn’t agree more!

Read more “Implementing Better DevOps Security: Expert Perspectives”

3 Reasons Why The Host Rules Cloud IDS

To truly appreciate why companies like Threat Stack point to the Cloud as a watershed event in their corner of the software industry, one must push past the hype and worn platitudes about “the Cloud with a capital C.” The reality is that it is the side effects that have caused such a large impact, like cost of operation as a function of scaled purchasing power and the forcing of software-only solutions.

This has certainly been felt in intrusion detection systems (IDS). They have traditionally been deployed as network hardware devices enabled by access to the network infrastructure, but are struggling to find relevance in a world where the traditional network boundary no longer exists.

Read more “3 Reasons Why The Host Rules Cloud IDS”

Iron Clad DevOps Security for your EC2 Environments: Webinar with GigaOM

Join Threat Stack’s Director of Ops & Support, Pete Cheslock, as he discusses the security needs of modern, DevOps-managed infrastructures with Greg Ferro, Independent Analyst, and Matt Sarrel, Executive Director of Sarrel Group, in next week’s GigaOM webinar. 

With the lack of sophisticated security features in public cloud infrastructure environments like AWS, it’s critical for DevOps teams to implement audit trails in order to adhere to compliance and regulation mandates. Continuous security monitoring is the answer and on February 11th, Pete, Greg and Matt will be discussing the importance of having this new level of visibility into an entire EC2 attack surface. 

Read more “Iron Clad DevOps Security for your EC2 Environments: Webinar with GigaOM”

Our 2014 Retrospective

As we prepare to move across the muddy Charles River from Cambridge to our new offices in Boston’s Innovation District, I find myself reflecting on our incredible progress in 2014. From RSA in February to AWS re:Invent in November, it has truly been a whirlwind highlighted by the awesome people that make up Threat Stack including our team, investors, partners, and most importantly, our customers. Thanks to all! So, what did we get done in 2014?

Read more “Our 2014 Retrospective”

The Linux “Grinch” Vulnerability: Separating Fact From FUD

Recently, a security firm reported what they claimed to be a flaw with a major impact on organizations running Linux. (And apparently since all the rage these days is to give bugs code names, they pre-seeded the market with this timely one: “grinch”).

Linux software bugs have been huge this year, leaving administrators reeling to patch themselves from Shellshock, Heartbleed, POODLE, etc. With claims that this vulnerability could have an impact similar to Shellshock, I really wanted to dive into what the “grinch” bug means in order to separate the fact from the FUD.

Read more “The Linux “Grinch” Vulnerability: Separating Fact From FUD”

Deconstructing Shellshock To Prepare For the Next One

Yesterday, our Co-Founder and Chief Scientist, Jen Andre, and CEO, Doug Cahill, hosted a live webinar, “Preparing for the Next Shellshock.” Shellshock is the most notable and destructive vulnerability to date, and alongside POODLE and Heartbleed, 2014 has now been deemed the year with the most reported vulnerabilities in history.

Read more “Deconstructing Shellshock To Prepare For the Next One”

We’ve Raised $5M in Funding To Further Protect Cloud Environments From Intrusions & Data Loss

We’re thrilled to announce today that we have raised an additional $5M in funding from Atlas Venture and .406 Ventures. The funding will be used to further develop and commercialize our cloud security monitoring service, which officially launched last month, and expand our footprint with customers using Amazon Web Services.

This announcement comes right on the heels of our highly successful and over subscribed beta program and officially launching on-stage in November at Amazon CTO Dr. Werner Vogel’s Start-up Launch keynote during the AWS re:Invent Conference.

Read more “We’ve Raised $5M in Funding To Further Protect Cloud Environments From Intrusions & Data Loss”