Once again, Monitorama 2017 — the sixth official Monitorama — was held in Portland, OR. The event began at 10 a.m. on Monday, May 22 with a talk by John Rauser of Snapchat and ran for three days packed with great presentations, demos, and conversations. Read more “Monitorama 2017: The Monitoring Revolution Continues”
Monitoring is the most reliable method of identifying and tracking users who are accessing data on company systems. Whether you’re on the lookout for an unauthorized employee viewing confidential patient data, or a malicious outsider trying to steal cardholder data, monitoring is indispensable to a strong security posture.
As well, monitoring is a requirement for just about every major compliance framework and regulation, from PCI DSS to HIPAA and beyond. For the sake of this post, we’ll be focusing on security monitoring requirements for PCI DSS and HIPAA, two of the most widely applicable regulations today.
Software bugs, like security vulnerabilities, can crop up in unexpected places, and the only way you can really be prepared for them is by testing and monitoring in real-world scenarios. Lab testing can only go so far when it comes to software performance (and security vulnerabilities, for that matter), and that’s exactly how Applause came about. We realized there was a big opportunity to create a new way to test software, websites, mobile apps and other digital properties using a global community of professional testers that could actually test on real devices in real locations under real-world conditions.
If I learned one thing at Monitorama 2016 in Portland, Oregon, it’s this: it has never been easier to monitor your infrastructure. Not only have the tools come a long way in the last few years, but the community and perspectives on monitoring have rallied as well, by focusing on the people who build and use monitoring systems.
A lot has happened in the world of DevOps and Security this week. Here are the top posts we saw around the community:
This is the fourth installment in our new series of weekly blog posts that dives into the role of SecDevOps. This series looks into why we need it in our lives, how we may go about implementing this methodology, and real life stories of how SecDevOps can save the Cloud.
This is the first part of a new series of weekly posts that will dive into the role of SecDevOps. This series looks into why we need it in our lives, how we may go about implementing this methodology, and real life stories of how SecDevOps can save the Cloud.
Read more “Why SecDevOps Will Save The Cloud”
Right on the heels of traveling out to Monitorama in Portland, OR, we will be making a splash at BSides Boston. Having been to several BSides events across the country in the past, we’re excited to immerse ourselves in this one — and right in our own backyard!
Mark Thomas and Bill Young of Threat Stack will be speaking at BSides, expanding the local security community on topics of cloud security monitoring and operations security.
Schedule (full schedule here)
Mark Thomas, our Principal Software Engineer, will be speaking on “Smarter Detection and Faster Incident Response”.
When: Friday, May 9th at 2:20pm
Wrapping things up for us, Bill Young, our Senior Infrastructure Engineer, will be speaking on “Security Monitoring for DevOps”.
When: Saturday, May 10th at 4pm
We look forward to being among many other top-tier security experts in the local Boston area and contributing to the next big innovations in cloud security.
Threat Stack is making its first appearance at Monitorama this year in Portland, OR. One of the largest open source conferences and hackathons for developers and web operations experts, Monitorama invites those who are advancing the state of open source monitoring in a big way.
It’s 2012. Why is Network Security Monitoring still so hard?