Defining the “Full Stack” in Full Stack Security Observability

Here at Threat Stack, we’ve been talking a lot about security observability recently (check out this article and whitepaper). When you design and monitor your systems for security observability, you reduce risk and minimize the likelihood and potential impact of a security breach.

But in the same way that you’d never invest in locks and alarms for the windows of your house while leaving the doors wide open, you can’t protect your business by focusing security observability on a single perimeter only. Security observability delivers value when it’s applied throughout the entire system. We call this Full Stack Security Observability. But what, exactly, is the “full stack?” Read more “Defining the “Full Stack” in Full Stack Security Observability”

Cloud Security Observability: How to Reduce Risk in Your Cloud-Native Infrastructure

Security Observability has become an important concept recently as companies have started building software with a cloud-native mindset, embracing distributed, immutable, and ephemeral systems. As infrastructure has shifted from traditional deployment methods, older monitoring systems are no longer effective, and a new set of practices — called “observability” — has emerged.

In this post, we explain what observability is, why security observability important, and outline six principles that will help you design and monitor your systems for security observability. (For an in-depth discussion, download our new whitepaper: Cloud Security Observability: A Guide to Reducing Your Cloud Native Infrastructure Risk.) Read more “Cloud Security Observability: How to Reduce Risk in Your Cloud-Native Infrastructure”