Threat Stack Heats Up: Closing In On Redefining Cloud Security

This summer, despite the absolutely perfect weather here in Boston, we’ve hunkered down to keep building and shipping new features, focusing on top AWS community events, hiring several truly awesome people, and much more.

As the summer comes to a close, we’d like to give you a quick update on what we’ve been up to here at Threat Stack.

Behavioral Threat Monitoring Without Models

One of the great things about the cloud is the ability for companies to grow and shrink their infrastructure elastically to meet varying levels of demand. What many people don’t think about is how to secure this sprawl of cloud compute instances. As new systems are deployed, how do you enforce a policy on them? How do you look for anomalous behavior when an instance hasn’t been up long enough to determine a baseline?

Cloud Sight has solved this problem from day one with our policy framework. Our policies encompass all attributes of an instance’s security posture: alert rules, file integrity rules, firewall rules, so many rules! But each policy also has a unique, learned behavioral model associated with it. For example, an Apache web server process doesn’t usually fork /bin/sh. When our agent is activated, the instance’s baseline is already established from its peers, which enables us to start monitoring for anomalies immediately.
