According to Our Readers: Threat Stack’s Top 10 Blog Posts for 2016 (and More)

One of our goals at Threat Stack is sharing information that will help you learn about the current cloud security threat landscape in order to effectively and more easily manage your organization’s security issues — and confidently get on with running your business.

To this end, the Threat Stack blog is a terrific repository of articles that cover a range of security topics. If you’re not a regular reader, we encourage you to start exploring — and in the meantime, have a look at the ten most-read posts of 2016. Read more “According to Our Readers: Threat Stack’s Top 10 Blog Posts for 2016 (and More)”

Post Mortem: Death Star Data Breach by ROGUE ONE

Recently the Galactic Empire’s Death Star plans were leaked due to a security breach on the planet Scarif. A threat actor known as ROGUE ONE carried out the breach with support from the Rebel Alliance fleet. This post mortem has been commissioned by the Imperial Security Bureau and documents what is currently known while active investigation continues.

This breach is not expected to delay construction of the Death Star. The battle station is expected to be operational by its previously announced date, if not before. Read more “Post Mortem: Death Star Data Breach by ROGUE ONE”

How to Conduct a Blameless Security Post-Mortem

When someone in your company clicks on a bad link, it can spell bad news. But you know what’s worse? Them never telling you.

When employees are afraid to come forward about a mistake they’ve made (or think they’ve made), it makes security responders’ jobs that much more difficult.

Unfortunately, this kind of negative atmosphere is a reality at many companies. The good news is the culture can be improved, and one way of doing this is by conducting blameless security post-mortems. I spoke about this in my DevOpsDays Austin talk in May, 2015. Threat Stack partners VictorOps  and PagerDuty have also written on the topic. You need your whole team to be security ambassadors (not roadblocks), and blameless security post-mortems can help enable this.

Below, we’ll explore what a blameless post-mortem is and how it applies to your future security incident response.

Read more “How to Conduct a Blameless Security Post-Mortem”