Threat Stack Announces Most Comprehensive Cloud Security Vulnerability Verification
Cloud Security Platform Provides Automated CVE Check Against Every Package Installed
BOSTON – March 30, 2016 – Threat Stack, a leader in cloud security management and compliance, today announced advanced capabilities in the Threat Stack Cloud Security PlatformTM that provide customers with the most comprehensive vulnerability verification of any cloud security offering currently on the market. Threat Stack’s Cloud Security Platform automatically analyzes all customer packages against the more than 2 million Common Vulnerabilities and Exposures (CVE) listed in the National Vulnerability Database (NVD) run by the National Institute of Standards and Technology (NIST). “Threat Stack wants to keep customers as current as possible on critical CVEs,” said Venkat Pothamsetty, Vice President of Products and Customer Advocacy, Threat Stack. “The Threat Stack Cloud Security Platform compares every single CVE published to every package installed, cross-checks against all corresponding vendor advisories on those packages, and pinpoints to the image ID on the affected servers. The extensive approach we take is resulting in the least false positive rate of CVEs in the industry.” Security and operations teams operating in the cloud are challenged with assuring security, eliminating vulnerabilities, and running as fast as possible. Operations teams, in particular, need to quickly identify packages with vulnerabilities before they’re rolled out into the infrastructure. Understanding the growing importance of vulnerability management to cloud users, Threat Stack has assured that the cloud-native platform automatically examines package information on the workload, checking against the NVD. The cloud service also provides manual, curated updates, cross references with operating systems vendors, and proactively directs customers to which AMI needs to be updated. The cloud native, fully-integrated Threat Stack Cloud Security Platform supports data across all environments, cloud security providers and containers, eliminating the need for fragmented solutions and reducing the complexity of security concerns facing IT leaders and CIOs. By providing vulnerability management at the workload layer, Threat Stack gives customers the confidence they’re managing CVEs efficiently, enabling them to focus on more high-priority security threats. To learn more about Threat Stack’s vulnerability management capabilities, please visit the Threat Stack blog.