A single, cloud-native platform for workload compliance and security across the entire infrastructure stack, throughout the application lifecycle.
Cloud Posture Management
Identification of changes made to cloud configuration through service provider APIs, including host instances, security groups, IAM policy, and access keys.
Build-time and runtime application security, including developer feedback and live attack detection and blocking.
Real-time, continuous monitoring and protection for Linux and Windows virtual machine workloads.
RESTful APIs and built-in integrations that leverage existing incident response, investigation, and analytics tools.
Container & Kubernetes Security
Detection of risky behaviors, active threats, and configuration issues for containers, container orchestration, and managed container services.
Extend your team’s security expertise and resources with the Threat Stack Cloud SecOps Program℠.
Threat Stack Oversight℠
Reduce mean-time-to-respond with 24/7 monitoring and alert escalation from the Threat Stack Security Operations Center.
Threat Stack Insight℠
Improve your cloud security posture with deep security analytics and a dedicated team of Threat Stack experts who will help you set and achieve your security goals.
Follow along as the Threat Stack Security Team shows how a malicious actor leverages the unique characteristics of the public cloud to launch their attack.
See inside an active cryptomining malware campaign as Threat Stack’s Security Operations Center (SOC) details a recently discovered variant of the Shellbot malware.
Threat Stack offers unique solution packages to meet your cloud security goals.
Trade Up Program
Trade in any competitive solution and receive an invoice credit for current contract towards a Threat Stack plan, a dedicated on-boarding team, and customer service manager.
Compliance for Cloud Workloads
Demonstrate continuous monitoring to auditors with pre-built rulesets and compliance reports that map to major regulatory compliance requirements like PCI-DSS, HIPAA, and SOC 2.
Security for AWS
Integrate Threat Stack with AWS to monitor changes and misconfigurations across multiple accounts and services.
Monitor for anomalous or risky behaviors across host, container, and container orchestration to alert you to signs of compromise.
Detect and remediate vulnerabilities across your infrastructure.
File Integrity Monitoring
Monitor for creates, deletes, opens, and edits to secret files to identify nefarious activity and satisfy compliance requirements.
Correlate security signals across your entire infrastructure stack with flexible built-in integrations, APIs, and data lake integration for SIEM.
Bring Security and DevOps teams together: Deploy in minutes and auto-scale with configuration management tools and Kubernetes to monitor cloud-native resources throughout the build pipeline.
Monitor all of your de-coupled, stateless, polyglot services in a single solution, even when they’re built and deployed in separate pipelines by different teams.
Fargate Security Monitoring
Threat Stack fills the visibility gap for managed container services like AWS Fargate, with process tracking and detailed netflow metadata.
View Resource Center
eBooks & Whitepapers
Customer Case Studies & Testimonials
Cloud security tips, insights, and ideas.
Stay up to date with the latest press releases, news, and events from Threat Stack.
Watch a sophisticated cloud attack and learn the necessary steps to prepare yourself.
Meet the Threat Stack leadership team.
Building a great company starts with building a great team.
55 Summer Street
Boston, MA 02110
Hear what our customers explain how Threat Stack has made them more successful and secure.
Become a Threat Stack Partner.
How can we help you?
80 total posts.
September 5, 2017
In an earlier post, we talked about how we implemented centralized authentication at Threat Stack. This project initially allowed us to create ...
April 21, 2017
Authkeys, Threat Stack’s new open source tool, performs LDAP lookups of SSH keys without the need for using scripts or other interpreted code.
April 14, 2017
Threat Stack, like many other Software-as-a-Service providers, has an on-call rotation. During any week, two members of our engineering organization ...
March 13, 2017
I remember the days when SysAdmins bragged about server uptimes that were sometimes measured in years. I have been out of the SysAdmin world for ...
December 16, 2016
Recently the Galactic Empire's Death Star plans were leaked due to a security breach on the planet Scarif. A threat actor known as ROGUE ONE ...
The USENIX LISA 2016 Conference wrapped up a week ago after a tremendous five-day program of workshops, training sessions, presentations, talks, and ...
December 5, 2016
Interested in attending AWS re:Invent 2017? Take a look at what we'll be up to.
AWS re:Invent 2016 has come and gone and what an event it was! ...
December 2, 2016
Over the past couple of years, a discussion has been brewing in the Security community about the future of its work. On one hand, the need for a ...
November 30, 2016
As we hurtle into the future, it often seems that talk in the tech media revolves around cloud computing. But the reality for many companies, ...
November 11, 2016
When someone in your company clicks on a bad link, it can spell bad news. But you know what’s worse? Them never telling you.
When employees are ...
November 3, 2016
Ask three people what SecOps is and chances are you’ll get three different descriptions:
It’s a team
It’s a job title
It’s a ...
November 1, 2016
I recently added a Starz subscription to my Amazon Prime and found a new supply of science fiction movies. One of these, Deja Vu, is a time travel ...
October 27, 2016
At Threat Stack, we’ve been a SecOps-oriented team from day one. This means our developers, operations, and security practitioners all work ...
October 26, 2016
Last Friday, multiple massive distributed denial ofservice (DDoS) attacks hit Dyn, an internet performance management company headquartered in New ...
October 25, 2016
In many startups, centralized authentication is a "future us" problem. Setting up centralized auth is useful for managing your network, but requires ...
September 28, 2016
In Part 1 of this series, I introduced the theme that good user experience (UX) design can actually promote better security overall, by fostering ...
September 22, 2016
You’re a week into your new job and a colleague shouts out across the room before a big deployment: “Hey John, you’ve got security covered, ...
September 15, 2016
A recent Motherboard article caught our eye and got us thinking about who is — and who should be — responsible for security in an organization. ...
August 10, 2016
How effective is a security tool if people don’t like using it?
A fancy floor mop sits in my closet. It’s a Swiffer WetJet, and with one look ...
July 12, 2016
Just in case you were wondering, the @nytimes building is a Pokegym.
— Runa A. Sandvik (@runasand) ...
Threat Stack Marketing Team
June 23, 2016
Threats to your data and security don’t always start on the outside, orchestrated by a shadowy group of foreign hackers. Many times, it’s actors ...