Detect Risky Behavior and Signs of an Incident
Host-Based Intrusion Detection
Threat Stack looks for anomalous behaviors on the host, so we can detect attacks, even if they have bypassed your perimeter controls — or came from the inside. Our host-based solution also scales far more seamlessly than trying to put a perimeter around your elastic infrastructure.
File Integrity Monitoring
Our unique approach to file integrity monitoring shows you whether sensitive files have been opened, edited, copied, or moved. Then we give you the context to show you who did it and what else they did before and after — helping you understand whether it’s normal or not.
Your infrastructure is more than just servers. Threat Stack CloudTrail Monitoring applies behavioral detection to your CloudTrail API logs so you can detect anomalous behavior within your AWS account, whether it be changes to S3 buckets or instances spun up in an otherwise inactive region.
Assess Your Infrastructure for Misconfigurations and Vulnerabilities
Cloud Configuration Auditing
Threat Stack scans Amazon accounts and compares your configuration against AWS Security Best Practices and CIS benchmarks for CloudTrail, EC2, IAM, RDS, and S3, so you can eliminate the risks of a misconfigured AWS resource.
Threat Stack identifies host-level vulnerabilities to help you ensure that your patches are up to date.