Spotlight 3 Min Read
Threat Stack Introduces Additional Runtime Attack Detection

Tim Buntel

January 21, 2020

Protection From More Types of Application Attacks Threat Stack Application Security Monitoring detects vulnerabilities in code and blocks live ...

Featured Blogs

5 Min Read

An Inside Look at the Evolution of Threat Stack’s SOC 2 Processes

4 Min Read

Lessons Learned From Lola: Demonstrating PCI Compliance in a Cloud-Native, Containerized Environment

2 Min Read

Trash Taxi: Taking Out the Garbage in Your Infrastructure

Latest Blogs

Cloud Security Insights, Thoughts, and Ideas

5 Min Read
How a DevOps Recruiter Hires for Containers and Serverless

Shaun Kelly

August 28, 2018

A Q&A With Michael Race, Head of DevOps, Salt Digital Recruitment When it comes to hiring for DevOps, there’s much to consider, especially if ...
3 Min Read
Magic for DevOps Teams — Threat Stack Announces Containerized Agent

Hank Schless

August 23, 2018

Every day, malicious actors are taking more complex routes into cloud infrastructure and leveraging increasingly covert traits to persist for longer ...
3 Min Read
Security Observability: Operationalizing Data in Complex, Distributed Systems

Hannah Klemme

August 16, 2018

It’s 2018 — companies are using multiple cloud providers, shifting to microservices, moving monoliths into containers, or maybe even moving to a ...
3 Min Read
What's In Our SecOps Stack: 6 Top Integrations

Mark Moore

August 15, 2018

When it comes to creating a solid SecOps program, an organization must consider people, processes, and technology. It’s not one area that makes a ...
3 Min Read
How to Find and Remediate Open Infrastructure Ports

Stephen Fitzgerald

August 14, 2018

The evidence is clear — open infrastructure ports lead to security vulnerabilities. When AWS S3 buckets or SSH ports are left open, they can leave ...
4 Min Read
Best Practices for User Access Management

Christian Lappin

August 9, 2018

Many organizations have policies in place that restrict internal access to information, but are they truly optimized for security and efficiency? In ...
13 Min Read
What Would You Change About AWS Security?

Pete Cheslock

August 8, 2018

20 Security Pros Reveal the One Thing They'd Change About AWS Security AWS is one of the most popular cloud platforms among enterprises and even ...
18 Min Read
50 Best Cloud Security Training Resources

Bob Allin

August 2, 2018

The bad news is there’s a global shortage of trained cybersecurity professionals: According to PWC, there will be 1.5 million cybersecurity job ...
3 Min Read
What is the NIST Cybersecurity Framework?

Lindsey Ullian

July 31, 2018

You’ve SOC 2-ed from here to eternity, and you’ve got GDPR in the bag, but if you’re truly focused on security maturity, you know that your ...
3 Min Read
Why Kubernetes is Not a Silver Bullet

Todd Morneau

July 26, 2018

Container adoption is on a meteoric rise. Gartner estimates that 50 percent of companies will use container technology by 2020, up from less than 20 ...
3 Min Read
How to Avoid Targeted AWS Attacks With Secure AWS Keys

Pat Cable

July 25, 2018

If the headlines are any indication, hackers continue to exploit vulnerabilities in cloud infrastructure platforms, with targeted AWS attacks ...
4 Min Read
Why DevOps Needs Security During an Infrastructure Transition

Pan Chhum

July 24, 2018

The rising popularity of DevOps practices in cloud infrastructure environments has allowed software teams to release work more quickly and ...
3 Min Read
How to Use Threat Stack to Enable Proactive Security

Christian Lappin

July 20, 2018

We recently discussed some pretty sobering statistics in the world of cybersecurity, ranging from astronomical misconfiguration rates to the ...
10 Min Read
101 AWS Security Tips & Quotes, Part 4: Best AWS Security Practices

Bob Allin

July 11, 2018

The fourth — and final — blog post in our series of AWS Security Tips and Quotes offers tips on AWS Security Best Practices. So far the series ...
3 Min Read
Access Management Lessons From Timehop’s Cloud Security Breach

Pat Cable

July 10, 2018

Over the past couple of weeks, both Macy's and Timehop experienced breaches as a result of authentication weaknesses. On July 4, social media startup ...
3 Min Read
Three Homegrown SecOps Tools Used by the Threat Stack Team

Pat Cable

July 9, 2018

As a security company, there’s a lot of pressure to keep our data secure while still moving fast and innovating on product development. I find the ...
10 Min Read
101 AWS Security Tips & Quotes, Part 3: Best Practices for Using Security Groups in AWS

Bob Allin

July 3, 2018

Here’s the third blog post in our 4-part series of AWS Security Tips and Quotes, which is designed to help you evolve and strengthen your ...
5 Min Read
What is SecOps? A Definition, Benefits, Best Practices, and More

Pan Chhum

June 27, 2018

While the technologies, processes, and cultural shifts of DevOps have improved the ability of software teams to deliver reliable work rapidly and ...
11 Min Read
101 AWS Security Tips & Quotes, Part 2: Securing Your AWS Environment

Hank Schless

June 26, 2018

As part of its mission, Threat Stack has always brought its readers security-related content to help them make informed decisions that will ...
3 Min Read
Visualizing Detection & Remediation in the Cloud With Graylog — Webinar Recap

Sarah Wills

June 25, 2018

If you’re on a Security team, chances are you may be able to leverage some of the Operations team’s existing tools for log management and SIEM. ...
3 Min Read
3 Things to Know About Kubernetes Security

Todd Morneau

June 22, 2018

Gartner estimates that 50 percent of companies will use container technology by 2020, up from less than 20 percent in 2017. The operational benefits ...