Who is That EC2 User?

Identity management is a difficult problem in the cloud, especially when it comes to sharing user accounts — an all too familiar (and problematic) practice today. Sharing accounts is very common on EC2, in particular, because EC2 instances come with a standard set of user accounts that a team can begin using immediately. Although it’s possible to create more user accounts, doing so is a resource-intensive task that is not a top priority for most operations personnel — and as a result, teams often end up sharing the default accounts.

Read more “Who is That EC2 User?”

Implementing Better DevOps Security: Expert Perspectives

On Wednesday, Threat Stack was featured in an important GigaOM webinar panel, Iron Clad DevOps Security for Your EC2 Environments. The panel included our own Director of Ops and Support, Pete Cheslock, along with David Linthicum of GigaOM, Greg Ferro, Independent Analyst, and Matt Sarrel, Executive Director of Sarrel Group. It was a deeply informative hour-long discussion which David himself claimed as one of the best security webinars he’s had. We couldn’t agree more!

Read more “Implementing Better DevOps Security: Expert Perspectives”

Iron Clad DevOps Security for your EC2 Environments: Webinar with GigaOM

Join Threat Stack’s Director of Ops & Support, Pete Cheslock, as he discusses the security needs of modern, DevOps-managed infrastructures with Greg Ferro, Independent Analyst, and Matt Sarrel, Executive Director of Sarrel Group, in next week’s GigaOM webinar. 

With the lack of sophisticated security features in public cloud infrastructure environments like AWS, it’s critical for DevOps teams to implement audit trails in order to adhere to compliance and regulation mandates. Continuous security monitoring is the answer and on February 11th, Pete, Greg and Matt will be discussing the importance of having this new level of visibility into an entire EC2 attack surface. 

Read more “Iron Clad DevOps Security for your EC2 Environments: Webinar with GigaOM”

How to Prepare for the Next Shellshock: [New Webinar]

On September 24, 2014, a bug in the Unix Bash shell known as Shellshock was disclosed. The vulnerability widely affected Linux distributions, was easy to exploit, and allowed an attacker to gain unauthorized access to a computer system. This net shattering event left many organizations wondering whether they were compromised and if so, the extent of the damage.

That’s why on Wednesday, December 10th at 1:30pm EST, our Co-Founder and Chief Scientist, Jen Andre, and CEO, Doug Cahill, will be discussing lessons learned from this vulnerability and what companies can do to stay protected from the next one.

During this webinar you will learn how to:

  • Uncover new threats
    Using behavioral-based intrusion detection to protect against zero day attacks.
  • Protect your customer data
    Using continuous security monitoring and auditing to keep data secure.
  • Reduce your EC2 workload attack surface
    Gaining visibility and understanding your security coverage in AWS.

Join us for this live, interactive discussion and you will also receive a Threat Stack t-shirt. The webinar is already filling up fast — save your seat today for “Preparing for the Next Shellshock”.