Threat Stack Takes Center Stage at BSides Boston 2014

Right on the heels of traveling out to Monitorama in Portland, OR, we will be making a splash at BSides Boston. Having been to several BSides events across the country in the past, we’re excited to immerse ourselves in this one — and right in our own backyard!

Mark Thomas and Bill Young of Threat Stack will be speaking at BSides, expanding the local security community on topics of cloud security monitoring and operations security.

Schedule (full schedule here)

Mark Thomas, our Principal Software Engineer, will be speaking on “Smarter Detection and Faster Incident Response”.

When: Friday, May 9th at 2:20pm

Wrapping things up for us, Bill Young, our Senior Infrastructure Engineer, will be speaking on “Security Monitoring for DevOps”.

When:  Saturday, May 10th at 4pm

We look forward to being among many other top-tier security experts in the local Boston area and contributing to the next big innovations in cloud security.

Will you be at BSides Boston this weekend? Mark and Bill would be happy to meet you, so be on the lookout for us. You can follow along with the event at @BSidesBoston and @ThreatStack.

Threat Stack Funded to Secure Cloud Infrastructure, Names Doug Cahill as CEO

As the first provider of continuous monitoring for elastic infrastructure, we’re excited to announce that we’ve raised an additional $2.7M in capital from Atlas Venture and .406 Ventures, bringing total amount raised to $4M.  The new funding will be used to commercialize our flagship service, Cloud Sight™, which is currently in beta.

Cloud Sight provides cloud servers with comprehensive protection, detection and response against malicious threats.  It delivers continuous security monitoring to protect cloud-based, elastic infrastructures from intrusion and compromise.  As a native cloud-built platform, Cloud Sight employs a big data architecture that auto-scales; and its DevOps deployable lightweight agent requires very little computational resource.

Read more “Threat Stack Funded to Secure Cloud Infrastructure, Names Doug Cahill as CEO”

[Webinar] Beyond Detection and Response: Unveiling the Azazel Rootkit

Now that the dust has finally settled after RSA and we’ve had a chance to come up for a breath of fresh air, we’re excited to announce that we’re hosting our first webinar!

On Wednesday, March 19th at 1pm (one week from today) we will be presenting a webinar on “Detection, Response and the Azazel Compromise”. It will be, first and foremost, a cloud security tech talk with our CEO, Doug Cahill, and one of our founders, Dustin Webber, on the state of threat detection and response for cloud-based servers.

Read more “[Webinar] Beyond Detection and Response: Unveiling the Azazel Rootkit”

RSA Grows with the Attack Surface Area

Wow — what a busy (and awesome) time at RSA this year! I missed the conference last year and was surprised (but impressed) to see the event grow as much as it has in such a short period of time; they literally doubled the exhibitor space, filling both the North and South Halls. While on one hand surprising, the growth makes complete sense — not just because security is a hot space, but because of the massive increase in the attack surface area.

Read more “RSA Grows with the Attack Surface Area”

Threat Stack at the 2014 RSA Conference

We’re excited to announce that we’ll be exhibiting at RSA for the very first time this year. Security experts from all over the world will be attending, including many of our own customers, and we hope to see you there as well!

Where: South Exhibit Hall Booth #402 at the Moscone Center

When: February 24-28, 2014

What: Talk with our founding team and see demonstrations of our flagship cloud security monitoring platform, Cloud Sight (we also have a few surprises for you).

Join: Use our Expo Pass Code EC4TRSK to register for a free Exhibit Hall Pass. The deadline to redeem is Friday, February 21, 2014.

Cloud Server Forensics Take Center Stage

At Threat Stack, we’re constantly exploring ways to advance cloud server forensics. We’re especially attentive to this as it’s an area of cloud security that’s becoming more critical since the attack vector of cloud is growing.

Forensic logs can lay out the scope of an attack that’s occurred on your servers, but getting to the bottom of what’s been done is usually much easier said than done. In fact, you can easily find yourself paying up to $600/hr for a security consultant to do this exact work if you don’t have the right tools in the first place. But what does it mean to have the right tools?

Do existing methods work?

Read more “Cloud Server Forensics Take Center Stage”

Cloud Security Is Always Your Responsibility

Too many times we hear and read about how insecure the cloud is or worse — that the cloud is already secure because IaaS providers have security groups and protection capabilities. These ideologies are all too common and far too wrong. By using outsourced cloud infrastructure, you are only outsourcing your infrastructure, not your security. Security is always your responsibility.  

Read more “Cloud Security Is Always Your Responsibility”