Threat Stack Intrusion Detection Platform

Threat Stack offers the most comprehensive intrusion detection solution.

Threat Stack integrates detection and assessment tools into a single, unified interface, offering unmatched visibility, compliance, and data safety. Unlike solutions that rely on the perimeter as the single point of detection, Threat Stack offers a comprehensive platform to help mitigate risk across your entire infrastructure.

Real-Time Host Monitoring

Conduct behavior-based monitoring and immediately detect suspicious events. An out-of-the-box ruleset provides alerts for common security events.

  • Identify untrusted system modifications with File Integrity Monitoring.
  • Catch threats that signatures miss with behavioral monitoring of users and processes.
  • Immediately detect anomalous user, process, and file activity.

Configuration Auditing

Scan AWS configurations to ensure the proper security settings are in place and enabled, while achieving an accurate security baseline.

  • Get started confidently with assurance that your configuration adheres to industry best practices. Enable regular scanning and alerting to ensure no changes are made to your environment.
  • Easily identify risks across your environment (such as wide open security groups).
  • Monitor and prioritize alerts from across multiple AWS accounts in one central location.
  • Automatically compare your security policies against AWS Best Practices and industry security benchmarks.

Workflow Integrations

Out-of-the-box integrations with popular configuration management and alerting tools allow you to seamlessly bring security best practices into existing DevOps workflows and processes.

  • Send alerts to email and to existing ChatOps and incident management tools, including Slack, PagerDuty, VictorOps, and webhooks.
  • Easily automate new instances with integration into your current configuration management tools including Chef, Puppet, Ansible, and SaltStack.

Threat Intelligence Correlation

Threat Stack monitors connections to known bad addresses, and alerts immediately when these connections occur.

  • Visualize connections by process and geography.
  • Get immediate notifications on connections to known bad hosts such as command and control servers.

Continuous Compliance

Meet PCI, HIPAA, SOC II, SOX 404, ISO 27001, and customer requirements using out-of-the-box rule sets.

Threat Stack maps its rules to compliance requirements so you can easily communicate to auditors and customers that you are compliant. This saves time and is a convenient way to provide documentation from an established third party that you have your compliance covered. It can also speed up deals that might otherwise be delayed by the need to prove that your organization is fulfilling its compliance requirements.

Vulnerability Assessment

Detect systems and packages containing known vulnerabilities and cross-reference against more than two million identified CVEs. Automatically categorize them according to security risk and see which servers are affected by which vulnerabilities.

  • Discover system and package vulnerabilities ranked by severity.
  • Automatically compare against a comprehensive data set, normalized across numerous packages and distributions.
  • Cross-reference with more than 2 million CVEs and the National Vulnerability Database.