Cloud Security Platform
A single, cloud-native platform for workload compliance and security across the entire infrastructure stack, throughout the application lifecycle.
Threat Stack Oversight (SOC)
Reduce mean-time-to-respond with 24/7/365 monitoring and alert escalation from the Threat Stack Security Operations Center.
Threat Stack Insight
Improve your cloud security posture with deep security analytics and a dedicated team of Threat Stack experts who will help you set and achieve your security goals.
File Integrity Monitoring
Container & Kubernetes Security
Cloud Security Posture Management
Application Security Monitoring
Cloud Compliance Overview
Insider Threat Detection
Fargate Security Monitoring
AWS Graviton2 / Arm Support
ThreatML - Cloud Machine Learning
Security Research Center
Case Studies & Testimonials
View Resource Center
Cloud security tips, insights, and ideas.
Stay up to date with the latest press releases, news, and events from Threat Stack.
Watch a sophisticated cloud attack and learn the necessary steps to prepare yourself.
Threat Stack cloud security posture management (CSPM) capabilities allow you to quickly understand your attack surface and manage risk across your AWS services and accounts.
Ingests data from AWS CloudTrail to alert you of changes made like instances spun up in unused regions.
Monitor your AWS account to make sure that all your employees are adhering to your IAM policies, like password standards or root access.
See an inventory of all servers and instances across multiple AWS accounts and see key information like instance ID, region, type, IP, and more.
Scan configurations across core AWS services, aggregating findings from multiple AWS profiles.
Threat Stack integrates with the AWS Management Console to incorporate account metadata that adds depth and context to Threat Stack alerting. To apply rules intelligently, the Threat Stack Cloud Security Platform® also integrates with Tags applied to EC2 instances. Users can selectively include or exclude specific rules based on pre-existing Tags, optimizing which rules do — or don’t — run based on their own custom tagging strategies. Threat Stack will also leverage the anomaly detection capabilities of ThreatML™ to help identify new rules and/or suggest changes to improve their targeting.
To complement deep runtime context, Threat Stack also provides cloud security posture management (CSPM) policies for scanning the configuration of your foundational AWS services against CIS Benchmarks.
Receive alerts on changes to your instances, security groups, S3 buckets, and access keys, and also see whether any of these changes had adverse effects on your systems.
See an inventory of all servers and instances across multiple AWS accounts and see key information like instance ID, region, type, IP, and more. See which servers have the Threat Stack Agent installed and assign Threat Stack rules by using EC2 tags.
Monitor your S3 buckets to ensure that your permissions are secure and that they are not open to the public.
Monitor your RDS instances and check if High Availability, Backups, and Encryption are enabled, as well as RDS-specific Security Groups.
Monitor all activity of Amazon ECS containers and the hosts these containers are running on.
Monitor all activity of Amazon EKS containers and the hosts these containers are running on.
Threat Stack is here to support you in achieving your goals for securing your entire cloud infrastructure and application stack. Learn more about how Oversight and Insight will arm you with a dedicated, in-house security team to provide expertise, reporting, and 24/7/365 management and support for your cloud security operations.