Latest Blogs

Cloud Security Insights, Thoughts, and Ideas

2 Min Read
Go Behind the Scenes of a Docker Cryptojacking Attack

Robin Stone

April 10, 2019

When Threat Stack security analyst Ethan Hansen saw an alert in a customer’s environment that read /temp [RANDOM] cnrig, he knew his afternoon was ...

7 Min Read
Operation Code and Sam Bisbee Talk About Getting Started in Security

Kevin Flike

March 28, 2019

In February 2019, Threat Stack hosted a meetup with the Boston chapter of Operation Code. Operation Code is a 501(c)(3) non-profit intensely focused ...

7 Min Read
If You’re Not First, You’re Last: Risks of Delaying CCPA Compliance

Kevin Kish

March 26, 2019

Introduction — by Lindsey Ullian, Threat Stack Compliance Manager After GDPR went into effect in May 2018, many companies reassessed their ...

5 Min Read
7 Cloud Service Evaluation Criteria to Help You Choose the Right Cloud Service Provider

Todd Morneau

March 21, 2019

The lack of a common framework for assessing Cloud Service Providers (CSPs) combined with the fact that no two CSPs are the same can complicate the ...

3 Min Read
Container Security Tips and Best Practices

Miguel De Los Santos

March 19, 2019

Containers provide very important functionality: They package various software applications in “containers” to ensure that they are able to run ...

6 Min Read
How to Achieve Full Stack, Multi-Cloud Security Observability

Christopher Ford

March 14, 2019

You probably know AWS as the leading cloud platform provider. These days, however, many companies are using additional cloud providers as well. ...

6 Min Read
How to Track Agent-Based User Activity

Ethan Hansen

March 12, 2019

More often than not we'll need to go beyond a Severity 1 alert to figure out what a user (including a potentially malicious attacker) was doing on a ...

6 Min Read
How to Understand Your Attacker’s Mindset

Aakash Prasad

March 7, 2019

In this post we’ll try to develop an understanding of a typical attacker’s mindset and then show you how companies like yours can use this ...

2 Min Read
The Economic Impact of Threat Stack – A Forrester Research Study

Natalie Walsh

March 6, 2019

Cost Savings and Business Benefits Enabled by Threat Stack When investing in cloud security platforms and services, businesses naturally want to ...

3 Min Read
New PCI Standards for New Ways of Building Software

Tim Buntel

March 5, 2019

This post explains how the PCI Security Standards Council has introduced its new PCI Software Security Framework to align PCI with modern software ...

3 Min Read
How to Cut Through Vendor Claims & Marketing Hype When Evaluating New Security Tools

Nathan Cooprider

February 28, 2019

As we’ve pointed out in a couple of recent blog posts, Machine Learning (ML) has been billed as a savior for short-staffed security teams — a ...

2 Min Read
Scala Regex String Extraction

Alfredo Perez

February 26, 2019

Introduction — Joe Baker, Manager Software Engineering From time to time the Engineering, Operations, and Security groups at Threat Stack ...

4 Min Read
The Promise of Machine Learning vs. The Reality of Human Assisted Learning

Natalie Walsh

February 21, 2019

Machine Learning (ML) has been around in one form or another for a long time. Arthur Samuel, started working in the field in 1949 and coined the term ...

3 Min Read
Threat Stack Successfully Completes Type 2 SOC 2 Examination With Zero Exceptions — Again!

Lindsey Ullian

February 20, 2019

For the second year in a row Threat Stack has achieved Type 2 SOC 2 Compliance in Security and Availability with zero exceptions. We’re justifiably ...

5 Min Read
How to Identify Threats Within Your Docker Containers

Nathan Cooprider

February 19, 2019

Now is a good time to review Threat Stack’s Docker integration in the wake of the recent runc CVE. The headline reporting gets a little hyperbolic, ...

3 Min Read
The Difference Between Security Trick Plays and Security Fundamentals

Nathan Cooprider

February 14, 2019

I like watching great football plays on YouTube, but I especially like watching trick plays where players sell some sort of deception so their ...

2 Min Read
How to Defend Against the runC Container Vulnerability

Nathan Paulhus

February 13, 2019

Earlier this week security researchers Adam Iwaniuk and Borys Poplawski published details on a vulnerability in runC, the underlying container ...

5 Min Read
Transforming Alert Fatigue Into Proactive Security Management

John Shoenberger

February 12, 2019

In a recent study, 72% of CISOs stated that their teams are facing alert fatigue, while 82% of respondents to a Threat Stack survey indicated that ...

6 Min Read
Machine Learning, Signatures, Rules, & Behaviors — Tips on Navigating Modern Cloud Security Solutions

Mark Moore

February 6, 2019

Cloud security is one of the most rapidly changing technology landscapes out there. And naturally, the market for security tools is also constantly ...

16 Min Read
21 Developers & Docker Experts Reveal the Biggest Mistakes People Make When Switching to Docker Containers

John Shoenberger

February 6, 2019

Containerized environments are increasingly popular, and Docker remains the most popular container solution for developers. But the process of moving ...

3 Min Read
Leveraging Threat Stack’s Out-of-the-Box Rulesets and Single View for Managing Multiple AWS Accounts

Stephen Fitzgerald

January 30, 2019

Increasingly, AWS users are leveraging multiple accounts to manage their infrastructure. While doing so is a recommended best practice that enables ...