Now that the dust has finally settled after RSA and we’ve had a chance to come up for a breath of fresh air, we’re excited to announce that we’re hosting our first webinar!
On Wednesday, March 19th at 1pm (one week from today) we will be presenting a webinar on “Detection, Response and the Azazel Compromise”. It will be, first and foremost, a cloud security tech talk with our CEO, Doug Cahill, and one of our founders, Dustin Webber, on the state of threat detection and response for cloud-based servers.
Read more “[Webinar] Beyond Detection and Response: Unveiling the Azazel Rootkit”
Wow — what a busy (and awesome) time at RSA this year! I missed the conference last year and was surprised (but impressed) to see the event grow as much as it has in such a short period of time; they literally doubled the exhibitor space, filling both the North and South Halls. While on one hand surprising, the growth makes complete sense — not just because security is a hot space, but because of the massive increase in the attack surface area.
Read more “RSA Grows with the Attack Surface Area”
We’re excited to announce that we’ll be exhibiting at RSA for the very first time this year. Security experts from all over the world will be attending, including many of our own customers, and we hope to see you there as well!
Where: South Exhibit Hall Booth #402 at the Moscone Center
When: February 24-28, 2014
What: Talk with our founding team and see demonstrations of our flagship cloud security monitoring platform, Cloud Sight (we also have a few surprises for you).
Join: Use our Expo Pass Code EC4TRSK to register for a free Exhibit Hall Pass. The deadline to redeem is Friday, February 21, 2014.
At Threat Stack, we’re constantly exploring ways to advance cloud server forensics. We pay particular attention to this because it’s an area of cloud security that is becoming more critical as the cloud attack vector grows.
Forensic logs can lay out the scope of an attack that’s occurred on your servers, but getting to the bottom of what’s been done is usually much easier said than done. In fact, you can easily find yourself paying up to $600/hr for a security consultant to do this exact work if you don’t have the right tools in the first place. But what does it mean to have the right tools?
Do existing methods work?
Read more “Cloud Server Forensics Take Center Stage”
A tale of a suspicious Linux process (with a dash of dog food thrown in)
The other day my coworker informed me, “Hey, there’s a weird process making network connections on your box.” A dreaded string of words if there ever were any for the security-conscious developer.
Read more ““Yt? Seeing something odd in the logs…””
Too many times we hear and read about how insecure the cloud is or worse — that the cloud is already secure because IaaS providers have security groups and protection capabilities. These ideologies are all too common and far too wrong. By using outsourced cloud infrastructure, you are only outsourcing your infrastructure, not your security. Security is always your responsibility.
Read more “Cloud Security Is Always Your Responsibility”
Since starting Threat Stack in November of 2012, it has been our mission to create the most powerful security monitoring and forensics platform built specifically for the cloud. Since then, we’ve been honored and humbled to work with many of the world’s top cloud and security providers and experts.
Now, we’re excited to announce that Richard Bejtlich, CSO of Mandiant, and Chris Wysopal, CTO and co-founder of Veracode, have joined the Threat Stack Advisory board.
Read more “Richard Bejtlich and Chris Wysopal Join Threat Stack Advisory Board”
If you think Rick Spickelmier is correct, you’re dead wrong.
Recently, an article in Pando Daily asserted that the “cloud” is secure — so, long live the cloud, stop worrying and learn to love the cloud. Right??
Read more “Cloud Security is Not a Binary Question”
Today, Virginia-based cyber-security firm MANDIANT released a 60+ page intelligence report describing an Advanced Persistent Threat (APT) actor named APT-1 (others familiar with the group may know them as WebC2).
Read more “APT Intelligence Update”
Snorby Mobile 1.0.0 is now available in the app store. The mobile application will work with any Snorby install >= 2.5.3. Snorby Cloud (https://cloud.snorby.org) integration will be added in the next release, making the process of adding multiple collection servers painless. Let us know what you think and if you have any suggestions.