3 Min Read April 28, 2017

Working With Threat Stack Sample Compliance Rule Sets

The Threat Stack Cloud Security Platform® is an important tool for companies with cloud compliance initiatives, including HIPAA, PCI, SOC 2, and FFIEC. To help our customers with these initiatives, Threat Stack has released four new example rulesets with monitoring rules that map to each of these compliance frameworks. This post is an introduction to these rule […]

2 Min Read April 20, 2017

Meeting Compliance in the Cloud ≠ A Choice

In the past, we’ve talked about various ways that compliance can add value to your business. But what happens when you don’t attain or maintain compliance. (Note: In the following, we focus on PCI, but equally unpleasant consequences can result, of course, if you fail to meet other standards such as HIPAA, SOC 2, etc.).

4 Min Read October 7, 2016

The Ultimate Compliance Cheat Sheet: A Wrap Up of Threat Stack’s Cloud Compliance Series

We write about compliance (and talk to customers about it) pretty regularly, and if you’ve been following our blog over the last two months, then you know we also just did a full series on the topic. In addition, we released the The Threat Stack Compliance Playbook that’s full of practical information you can use to […]

5 Min Read October 6, 2016

Allocating Resources for a Compliance Audit: A Practical Framework

When companies prepare to meet compliance, whether it’s PCI DSS, HIPAA, or SOC 2, one thing that can be estimated inaccurately is the stakeholders who need to be involved — who they are, what departments they come from within your organization, what their roles are, what knowledge and skill sets they require, how long they’ll […]

7 Min Read September 30, 2016

When is Good Enough Good Enough? Meeting Compliance Without Losing Your Mind

Have you heard one about the bear and the two hikers? A bear jumps out of the bush and starts chasing two hikers. They both start running for their lives, but then one of them stops to put on his running shoes. The first hiker says, “What are you doing? You can’t outrun a bear!” […]

6 Min Read September 27, 2016

File Integrity Monitoring and Its Role in Meeting Compliance

When’s the last time someone made an unauthorized change to your system files? To answer this and other important security questions, as well as to meet many compliance requirements, you first need to have file integrity monitoring. In case you aren’t familiar with the term, file integrity monitoring (sometimes abbreviated to FIM) is the method […]