Post banner
Cloud SecurityThreat Stack 4 Min Read

Securely Leveraging the Business Benefits of the Cloud

This is a guest blog written by IT Central Station

In a recent report by Snyk, 99% of respondents recognized security as an important element in their cloud native strategy. This increased awareness means that organizations understand that cloud security and compliance are becoming more critical for companies that want to leverage the business benefits of the cloud. Making security and compliance work in the cloud requires risk identification, threat detection, data protection, and continuous support. In this context, IT Central Station members who use the Threat Stack Cloud Security Platform® shared their thoughts on its features, benefits, and ease of use.

Cloud Security Use Cases

IT Central Station members are utilizing Threat Stack in various ways. For instance, Skyler C., a software development manager at a real estate/law firm, uses the Threat Stack Cloud SecOps Program℠ for auditing logs. Threat Stack is an agent on all of their machines. The firm also uses Threat Stack’s security operations (SecOps) program to filter and analyze the resulting flow of cloud security data.

Skyler explained that “our biggest use case is collecting all the data, having them there to watch our backs and help give us recommendations on what we can fix, and to help us in case there is an incident, where they can help us track everything.” This is useful because the firm is small enough that it doesn’t have dedicated security resources to manage this around the clock.

Mike S., a DevSecOps engineer for a small computer services company, primarily uses the solution for threat and vulnerability management. He said, “We look at it for cloud security. It ingests logs; however, it also has an agent that runs on the servers. It picks up vulnerabilities in-house.” His company uses Threat Stack’s rules for tasks like detecting suspicious or malicious activity. He added that “we pretty much audit and we can pick out and do remediation or prevent potential attacks.”

How the Solution Benefits the Organization

There is no shortage of examples of how Threat Stack improves operations at Skyler C.’s organization, such as identifying ways to automate. He remarked, “When we first signed up with Threat Stack, we were just using password authentication. One of the first things they noticed and that we collaborated on was that we needed to start automating some of these logins and actually know who was on the box, so it wouldn’t always show up as the same user.” They first needed to disable password authentication, which made it easier to deal with search certificates. He revealed that “now there’s just one code-push and all the servers update and I don’t have to worry about it.”

In terms of cloud infrastructure, Skyler was impressed with how Threat Stack connects with his Amazon Web Services (AWS) account. The solution lets him know which boxes are and aren’t running the agent. “That’s the biggest insight they’ve given there,” he said. “That’s allowing me to see which servers I have my agent on and which ones I don’t. I can get a quick glance at my weak points and servers that I need to either migrate over or get rid of.”

He added that Threat Stack has cut down the time to investigate potential attacks, noting that “we have a link, we click the link, we open Threat Stack, and it takes us right to the events we need to know about. That’s been just awesome. In terms of time saved, to go in and dig through the servers and find all the logs, it probably saves 45 minutes to two hours per incident, a couple of times a week.”

Mike S. reported that Threat Stack would be the one vendor his company needs for its entire AWS cloud environment. “It would save us from having a mix of native and open-source tools.” He shared that the solution has a lot of different features that are quite useful, such as the threat and vulnerability manager. He also noted the stability has been quite good, and technical support is very helpful.

Ease of Setup and Use

IT folks always welcome a seamless installation, and that was definitely the case for Skyler C. “The initial setup was very straightforward and quite amazing,” he said. “The installation of the agent is really slick and easy, and the data reporting back was great. Getting our account tweaked to a level where we were OK with the number of alerts was really smooth.”

He added that “we were deployed relatively quickly. It didn’t take much longer than a week to get all the agents installed. Then, once they were set up, we were on a call the next week to get everything dialed in so everything was working perfectly. It was about a week to get all this stuff set up and another week to go through and tune everything.”

Mike S. also reported a pleasant installation and said he enjoys how the system easily allows him to test rules. He commented, “You can build a roll and test it, and it will tell you if it is good or not. Compared to other tools, we’ve found it to be quite stable.”

If you’re interested in learning more about how Threat Stack can help your organization gain the business benefits of the cloud, while maintaining security and compliance, check out this ebook, Top Considerations For ML-based Cloud Security. Additionally, to hear more about what IT Central Station members think about Threat Stack, visit our reviews page on IT Central Station.