The Threat Stack Cloud Security Platform® is an important tool for companies with cloud compliance initiatives, including HIPAA, PCI, SOC 2, and FFIEC. To help our customers with these initiatives, Threat Stack has released four new example rule sets with monitoring rules that map to each of these compliance frameworks. This post is an introduction to these rule sets, and explains how to:
- Request the rule sets
- Use the compliance rule sets
- Customize compliance rules
- Create new compliance rules
(If you’re not a customer, this post will give you an excellent insight into one of Threat Stack’s powerful characteristics — the ability to create, clone, and edit rules in order to reflect the specific nature of your environment.)
Read more “Working With Threat Stack Sample Compliance Rule Sets”
In the past, we’ve talked about various ways that compliance can add value to your business. But what happens when you don’t attain or maintain compliance? (Note: In the following, we focus on PCI, but equally unpleasant consequences can result, of course, if you fail to meet other standards such as HIPAA, SOC 2, etc.)
Read more “Meeting Compliance in the Cloud ≠ A Choice”
One of our goals at Threat Stack is sharing information that will help you learn about the current cloud security threat landscape in order to effectively and more easily manage your organization’s security issues — and confidently get on with running your business.
To this end, the Threat Stack blog is a terrific repository of articles that cover a range of security topics. If you’re not a regular reader, we encourage you to start exploring — and in the meantime, have a look at the ten most-read posts of 2016.
Read more “According to Our Readers: Threat Stack’s Top 10 Blog Posts for 2016 (and More)”
Compliance isn’t as simple as a connect-the-dots exercise. When you consider how fast companies are moving to and expanding on the cloud, alongside the proliferation of cloud-based security threats, compliance can be a little dizzying. We’re here to break the complexities of compliance requirements down for you, starting with SOC 2.
SOC 2 is one of the more common compliance requirements technology companies must meet today.
So what does SOC 2 compliance mean and how can you go about achieving it? In this post, we will break down the four most important things you need to know.
(Learn more about how Threat Stack Customer 6sense was able to achieve SOC 2 compliance and protect sensitive customer data.)
Read more “4 Things You Need to Know About SOC 2 Compliance”
We recently spoke with Threat Stack customer Jameel Al-Aziz, DevOps/Software Engineer for 6sense, and developed the following case study that showcases how Al-Aziz and his team are using Threat Stack. In the case study, Al-Aziz also details the company-wide benefits they are realizing, including a shortened sales cycle, from having a continuous security monitoring solution in place. Below is their story.
Read more “New Case Study: Protecting Customer Data & Meeting SOC 2 Compliance”