2019 is almost over, and it’s time for our year-end wrap-up.
We’re committed to helping you strengthen your cloud security and compliance so you can focus on your core business goals. So instead of another list of predictions or biggest breaches, we’ve rounded up some of our most-read blogs from 2019. These cover a broad range of topics, and together offer great advice on how you can identify risks, set priorities, and develop a sustained, proactive approach to maturing your organization’s compliance and security posture.
1. Thought leadership & practical tips on achieving Unified Security Observability
A major problem that organizations can face when dealing with cloud security is fragmentation — whether it’s caused by the absence of an overarching strategy, piecemeal operating procedures, point solutions that don’t play well together, the inability to see your environment as an integrated entity, or some other cause. The key to solving this problem centers on achieving full stack security observability, and to help, we’ve published numerous posts on the subject.
A terrific example is our VP of Application Security Products Tim Buntel’s Defining the “Full Stack” in Full Stack Security Observability. The framework Tim outlines makes it possible to see your entire cloud environment as a comprehensive, integrated infrastructure, which, in turn, helps you identify threats, reduce risk, and add end-to-end monitoring and alerting in a coordinated manner. This makes it possible to shift your organization away from reactive practices to a security approach that is effective, efficient, and proactive.
As Tim points out, to effectively reduce security risk in cloud applications, you need insight into three planes: Tiers, Time, and Team — which together give you Full Stack Security Observability. If you understand these three planes as well as their intersection points, you can build for observability, which lets you understand the overall security health of your systems, detect abnormalities, and investigate security incidents quickly and thoroughly. If you want to observe and manage your environment from a single point of view, this blog post is a great place to start.
2. Advice from Threat Stack’s SOC experts
For deep dives into security issues, we go directly to the security analysts in our Security Operations Center (SOC). To keep you informed, educated, and safe, these experts publish findings each quarter along with threat briefs as the need arises. Here’s an example of each:
- Findings From the Threat Stack Q3, 2019 SOC Report: While the Threat Stack SOC encounters everything from exotic malware campaigns to issues they’ve seen a thousand times before, Blaine Connaughton, Director of Security Services on Threat Stack’s Security team, reminds users to focus on problems that will make an immediate difference to their security posture instead of chasing things that have a low likelihood of affecting their organization. In this post, he discusses three of the most common shortcomings his team observed among users of the SOC in Q3 2019: incorrect use of root, over-permissioned service users, and misuse of the tmp directory. Not very sexy, but totally capable of giving attackers access to your systems and data. (If you’re interested, download the full Threat Stack SOC Report – Q3 2019.)
- A Threat Stack SOC Analysis: The Continuing Evolution of the Shellbot Cryptomining Malware: While Blaine’s post centers on basic security hygiene, Ethan Hansen, Threat Stack security analyst, undertakes a rigorous analysis of the Shellbot malware campaign in his threat briefing, pointing out that — while an organization may not be affected by Shellbot — their security team should understand it, or work with a security team that does.
3. Understanding how compliance meets your present requirements, and how to prepare for the future
Whether we’re writing about fairly new standards such as GDPR, explaining the basics of a specific framework, or offering tips on how to integrate compliance and security into your operational practices, compliance is always a hot topic. Here are three of the compliance posts you found most valuable over the last year:
- How SaaS Companies Can Build a Compliance Roadmap: Meeting compliance requirements can be a challenge, but it can also open up new markets, speed your sales process, and strengthen your company’s overall security posture. Providing insights and background on seven of the compliance types you’re most likely to encounter, this post is an excellent primer on the subject. (Note: This post is also available as an audio blog.)
- 9 Common Questions About SOC 2 Compliance: Once you have an overview of compliance types that could affect you, you need a deep understanding of individual frameworks. What most of you like about this post (also available as an audio blog) is the fact that it doesn’t try to dumb the subject down. SOC 2 is a complex set of requirements that must be carefully reviewed and systematically addressed, and this post unpacks nine key questions about SOC 2 to give you a solid introduction on what you need to know and do to achieve compliance.
- New PCI Standards for New Ways of Building Software: Software development methodologies and compliance frameworks have evolved significantly over the decades and will continue to do so. As such, it’s critical to understand how to integrate methodologies and frameworks in daily practice. Tim Buntel does exactly this when he explains how the PCI Security Standards Council has introduced its new PCI Software Security Framework to align PCI with modern software development and deployment practices such as DevOps, microservices, and containers. Although the new standards won’t be in place until 2022, we wanted to get the word out early so organizations like yours can plan and adapt well ahead of that date.
4. Learning from the experience of others — Case Study Blogs
We published a number of Case Study blog posts in 2019, thanks to our customers’ eagerness to share stories on how they successfully transformed their infrastructures using the Threat Stack Cloud Security Platform® and Threat Stack Oversight℠ and Insight℠ services. Here are two we want to reshare:
- How Stratasan Addresses Its Growing Security & Compliance Needs for Healthcare IT and Services Using Threat Stack: Stratasan is a Nashville-based healthcare company. As their needs grew from an initial requirement for host-based intrusion detection and support for HIPAA to their current, much larger, list of technical, compliance, and operational demands, the company has derived increasing value from using the Threat Stack Cloud Security Platform and Oversight service. This post outlines how Stratasan went on to leverage Threat Stack to gain the visibility, multiple tiers of monitoring, and auditable data it needs to address its growing and increasingly complex security and compliance needs.
- Threat Stack Supports Omada Health’s HIPAA Compliance, Hyper Growth, & Operational Efficiency: In this post, Omada Health, another healthcare company, explains how they continue to leverage Threat Stack’s Cloud Security Platform and professional services to strengthen security and compliance, optimize operations, and achieve their goal of providing a “digital care program that empowers people across the chronic disease spectrum to set and reach their health goals by offering one dynamic program for multiple conditions.” If you haven’t done so already, take a read to see how you can benefit from their experiences.
5. Expanded Threat Stack products and services
Threat Stack Launches New Unified Application Security Monitoring Solution: We’re always making enhancements to the Threat Stack Cloud Security Platform, and one that caught our readers’ attention this year was the addition of Application Security Monitoring to the existing Cloud Security Platform.
With the rapid adoption of cloud-native architectures — including microservices, containers, and serverless — application security has become more important than ever. While many application security options are available on the market, the addition of Application Security Monitoring to the existing Threat Stack Cloud Security Platform makes Threat Stack the first to enable cloud security observability across the full stack and full lifecycle in a single solution.
The Threat Stack platform, now inclusive of the Threat Stack Application Security Monitoring solution, helps customers connect the dots with contextualized information from every part of the cloud stack throughout the entire software development lifecycle. By correlating information from the cloud management console, containers, container orchestration, and application layers, Threat Stack customers can quickly and accurately identify risk and ongoing attacks across their cloud environment.
Wrapping up . . .
The posts outlined above just scratch the surface of what we offered our readers in 2019. Make sure you subscribe to the blog to stay up to date in 2020. We’ll continue to bring you information that will help you understand your security and compliance needs and translate them into proactive tactics and strategies.
We’re committed to helping you with your cloud security and compliance, and want to see you reduce risk, have the ability to quickly remediate issues, strengthen your security posture, and have the confidence to focus resources and teams on achieving your core business goals.
Moving ahead, we want to hear from you. So be sure to send us your feedback, and in the meantime, we wish you all the best for a joyous and secure holiday season.