Latest Blogs

Cloud Security Insights, Thoughts, and Ideas

9 Min Read
Creating Custom CloudTrail Rules in Threat Stack

Paul Ivanivsky

September 19, 2018

The Threat Stack CloudTrail Base Ruleset has several out-of-the-box rules that alert users on activity within some of  AWS’s most popular services ...

21 Min Read
50 Best Cloud Security Podcasts

Mark Moore

September 17, 2018

For an updated list, take a look at Mark Moore's 25 Best Cloud Security Podcasts to Visit in 2020. Some of the earliest podcasters were ...

2 Min Read
Security by Design or by Accident

Matt Getty

September 11, 2018

Security has such a large number of subtopics that it’s sometimes difficult to define what the field looks like as a whole. It means something ...

15 Min Read
45 Useful and Informative GDPR Presentations & Resources

Hank Schless

September 5, 2018

The months leading up to May 25, 2018 produced a steady barrage of articles urging organizations to get ready for the GDPR and warning about the ...

4 Min Read
Top Compliance Pain Points by Industry

Lindsey Ullian

August 30, 2018

Whether you are adhering to mandatory regulations or voluntary cybersecurity frameworks, taking compliance seriously can be a huge boon to your ...

5 Min Read
How a DevOps Recruiter Hires for Containers and Serverless

Shaun Kelly

August 28, 2018

A Q&A With Michael Race, Head of DevOps, Salt Digital Recruitment When it comes to hiring for DevOps, there’s much to consider, especially if ...

3 Min Read
Magic for DevOps Teams — Threat Stack Announces Containerized Agent

Hank Schless

August 23, 2018

Every day, malicious actors are taking more complex routes into cloud infrastructure and leveraging increasingly covert traits to persist for longer ...

3 Min Read
Security Observability: Operationalizing Data in Complex, Distributed Systems

Hannah Klemme

August 16, 2018

It’s 2018 — companies are using multiple cloud providers, shifting to microservices, moving monoliths into containers, or maybe even moving to a ...

3 Min Read
What’s In Our SecOps Stack: 6 Top Integrations

Mark Moore

August 15, 2018

When it comes to creating a solid SecOps program, an organization must consider people, processes, and technology. It’s not one area that makes a ...

3 Min Read
How to Find and Remediate Open Infrastructure Ports

Stephen Fitzgerald

August 14, 2018

The evidence is clear — open infrastructure ports lead to security vulnerabilities. When AWS S3 buckets or SSH ports are left open, they can leave ...

4 Min Read
Best Practices for User Access Management

Christian Lappin

August 9, 2018

Many organizations have policies in place that restrict internal access to information, but are they truly optimized for security and efficiency? In ...

13 Min Read
What Would You Change About AWS Security?

Pete Cheslock

August 8, 2018

20 Security Pros Reveal the One Thing They'd Change About AWS Security AWS is one of the most popular cloud platforms among enterprises and even ...

18 Min Read
50 Best Cloud Security Training Resources

Bob Allin

August 2, 2018

The bad news is there’s a global shortage of trained cybersecurity professionals: According to PWC, there will be 1.5 million cybersecurity job ...

3 Min Read
What is the NIST Cybersecurity Framework?

Lindsey Ullian

July 31, 2018

You’ve SOC 2-ed from here to eternity, and you’ve got GDPR in the bag, but if you’re truly focused on security maturity, you know that your ...

3 Min Read
Why Kubernetes is Not a Silver Bullet

Todd Morneau

July 26, 2018

Container adoption is on a meteoric rise. Gartner estimates that 50 percent of companies will use container technology by 2020, up from less than 20 ...

3 Min Read
How to Avoid Targeted AWS Attacks With Secure AWS Keys

Pat Cable

July 25, 2018

If the headlines are any indication, hackers continue to exploit vulnerabilities in cloud infrastructure platforms, with targeted AWS attacks ...

4 Min Read
Why DevOps Needs Security During an Infrastructure Transition

Pan Chhum

July 24, 2018

The rising popularity of DevOps practices in cloud infrastructure environments has allowed software teams to release work more quickly and ...

3 Min Read
How to Use Threat Stack to Enable Proactive Security

Christian Lappin

July 20, 2018

We recently discussed some pretty sobering statistics in the world of cybersecurity, ranging from astronomical misconfiguration rates to the ...

10 Min Read
101 AWS Security Tips & Quotes, Part 4: Best AWS Security Practices

Bob Allin

July 11, 2018

The fourth — and final — blog post in our series of AWS Security Tips and Quotes offers tips on AWS Security Best Practices. So far the series ...

3 Min Read
Access Management Lessons From Timehop’s Cloud Security Breach

Pat Cable

July 10, 2018

Over the past couple of weeks, both Macy's and Timehop experienced breaches as a result of authentication weaknesses. On July 4, social media startup ...

3 Min Read
Three Homegrown SecOps Tools Used by the Threat Stack Team

Pat Cable

July 9, 2018

As a security company, there’s a lot of pressure to keep our data secure while still moving fast and innovating on product development. I find the ...