To Build or Buy Your Own Security Platform: That is the Question

What’s your priority: to become a Security Company or be a Secure Company?

If you’re truly in the security business, then of course you’ll be building your own security platform. For all the rest, please keep reading . . .

In this post I will cover some of the challenges involved in building a cloud security platform like Threat Stack. My goal is to give you a clear idea of what is involved and the complexity, so you can make a decision about building or buying that is meaningful from both an engineering and a business perspective.

Spoiler alert: In my view, the right choice for most companies is not to build their own security. Most should strive to become Secure Companies so they can get on with their core business.

A Year in the Life of Threat Stack’s Cloud Security Platform®

Before we get too far into 2017, we want to take a final look back at 2016 — specifically at some of the great enhancements we made to Threat Stack’s Cloud Security Platform®.

In the security world, 2016 was filled with major incidents, including massive data breaches, nation-state cyber interference, crippling DDoS attacks, and increased numbers of ransomware incidents — along with all the less glamorous, day-to-day security threats that had the potential to impact every cloud-based business in existence. So much for the bad news!

At Threat Stack, 2016 was the year we transformed our best-of-breed Host Intrusion Detection System into the industry’s first cloud-native, end-to-end Cloud Security Platform to deliver a unified view into workloads, infrastructure monitoring, vulnerability management, threat intelligence, and compliance reporting.

Threat Stack Broadens Cloud Security Platform With New Configuration Auditing

How securely configured is my AWS environment? Have I checked all the right boxes? Have I locked all my doors and windows?

With the release of AWS Configuration Auditing — a major new feature of the Threat Stack Cloud Security Platform® (CSP) — Threat Stack is the only cloud security monitoring platform that enables customers to assure that their AWS environment is configured to policy and from there, implement continuous security monitoring, alerting, and investigation at any stage in their company’s cloud maturity lifecycle.

Configuration Auditing enables Threat Stack customers operating in AWS to implement AWS security best practices by automatically auditing current environments and providing an immediate, concise report of configurations that are non-compliant with best practices. Threat Stack then offers steps to remediate the issues and make the AWS environment more secure.

A Blueprint for Selecting Security Technologies Inside the Cloud

Cloud security operations teams, especially ones that are looking at security technologies for the first time, are often faced with a daunting list of vendors who offer technologies with wide-ranging capabilities. Understanding the pros and cons of each might seem difficult or impossible at first, especially because the enterprise security sector is inundated with technologies that address security from a defense in depth perspective, offering different technologies at each layer. These include Firewalls, VPNs, IDS, IPS, log collection tools, SIEM tools, routers and switches with security capabilities, endpoint security tools, vulnerability management tools, threat management tools, etc.


How to Create an Effective Cloud Security Alerting Process

The first component of any security program should be an alert system. Alerts are typically the fastest and most effective way to be notified when something goes wrong so you can jump into action. But alerts also have the stigma of being too noisy, throwing out false positives, or requiring a lot of fine tuning to get right. After all, a minor bug in the code that doesn’t affect end users isn’t the type of thing you should be woken up in the middle of the night for.


New Webhook API — Unleashing the Power of Real-Time Security Alerts

With today’s announcement, Threat Stack continues its commitment to driving increasingly efficient security workflows. The addition of a new webhook API builds on the integrations that Threat Stack has already created with PagerDuty, Slack, Docker, AWS, and others — giving our customers almost endless possibilities for developing custom, automated workflows based on alerts.


Does Your Cloud Security Strategy Include These 5 Things?

There are a few things you just don’t leave home without — your keys, your wallet and usually, a large cup of coffee. These are the daily tools you use to get in and out of places, acquire things you need, and keep you alert and energized. This is not much different from your daily cloud security needs. Your organization needs to be fully equipped and protected across all aspects of your cloud environment to be prepared for whatever life throws at it.


The Case of the Missing Context (And Why Cloud Security Needs It)

Dr. Watson is the intellectual and gentlemanly sidekick of fictional detective Sherlock Holmes. With Watson at his side, Sherlock is able to better navigate the complexities of human emotion (not his forte), so Sherlock leans on Watson, and understandably so. They make a good pair.

But while Watson is able to solve the odd mystery himself, only the highly observant Sherlock, with his machine-like analytical mind, is able to produce the insight needed to crack their toughest cases.

You can think of cloud security in the same way. A basic cloud security system will probably alert you to many of the biggest, most obvious attacks. But without sufficient context, you won’t be able to see the full scope of impact. You won’t know where it has spread in your system or what kind of damage it has done. Even if you manage to stop it in one area, you may not succeed in defeating it, and the ramifications can be distressing.

Cloud context gives you the clarity of a Sherlock Holmes.
