This summer, despite the absolutely perfect weather here in Boston, we’ve hunkered down to keep building and shipping new features, focus on top AWS community events, hire several truly awesome people, and much more.
As the summer comes to a close, we’d like to give you a quick update on what we’ve been up to here at Threat Stack.
Read more “Threat Stack Heats Up: Closing In On Redefining Cloud Security”
This is the third installment in our new series of weekly blog posts that dive into the role of SecDevOps. This series looks into why we need it in our lives, how we may go about implementing this methodology, and real-life stories of how SecDevOps can save the Cloud.
Read more “Who Gets Access to Production?”
One of the great things about the cloud is the ability for companies to grow and shrink their infrastructure elastically to meet varying levels of demand. What many people don’t think about is how to secure this sprawl of cloud compute instances. As new systems are deployed, how do you enforce a policy on them? How do you look for anomalous behavior when an instance hasn’t been up long enough to determine a baseline?
Cloud Sight has solved this problem from day 1 with our policy framework. Our policies encompass all attributes of an instance’s security posture: alert rules, file integrity rules, firewall rules, so many rules! But each policy also has a unique, learned behavioral model associated with it. For example, an Apache web server process doesn’t usually fork /bin/sh. When our agent is activated, the instance’s baseline is already established from its peers, which enables us to immediately start monitoring for anomalies.
Read more “Behavioral Threat Monitoring Without Models”