Press Release

Threat Stack Cloud Security and Monitoring Now Integrates With Slack For Real-Time Response to Security Threats

New Integration Provides Security Alerting and Immediate Collaboration for Security and DevOps Teams

BOSTON – March 9, 2016 – Threat Stack, Inc., a leader in cloud security management and compliance, today announced its integration with team communication platform Slack. The Slack integration with Threat Stack’s Cloud Security Platform™ alerts channel members to security concerns and enables instant workflows for cloud-based security operations center (SOC) teams. The Threat Stack Slack integration improves the speed at which team members can respond to and communicate about real threats the instant they happen.

“Threat Stack’s integration with Slack alerts our entire DevOps team to security concerns and alerts in real-time,” said John de Freitas, principal software engineer, Onshape. “Threat Stack helps us to collaboratively detect potential security issues, and Slack allows us to communicate and address them immediately.”

“Today’s fast growing businesses leveraging modern infrastructure for scale need to incorporate security into day-to-day workflow tools,” said Pete Cheslock, senior director of operations and support, Threat Stack. “Integrating Threat Stack security alerts into Slack allows for context and conversation around important events, providing valuable insight into activities happening across your infrastructure.”

Threat Stack’s Slack integration automates SOC teams’ processes, delivering only the most important security alerts directly into a designated Slack channel. After all alerts are thoroughly analyzed and baselined within Threat Stack, Severity 1 and 2 alerts are delivered to Slack, including:

  • Abnormal user behavior (e.g., insider threats)
  • Abnormal process behavior (e.g., new process behavior)
  • Abnormal network behavior (e.g., connections to new and bad IPs)
  • File tracking and copying of files
  • Abnormal infrastructure and CloudTrail activity

The Slack integration works alongside Threat Stack’s audit trail capabilities, and improves SOC teams’ workflows by pinning alerts, dismissing alerts and identifying new patterns and rules. Additionally, Slack Plus users can easily archive conversations for audit and compliance purposes. By leveraging the benefits of Slack’s real-time communication, users gain deeper context on Threat Stack security alerts and the ability to collaborate pre- and post-alert to determine the best course of action.

To learn more about Threat Stack’s Slack integration, please visit our blog.


Existing customers can get started by simply providing their webhook API and alert severity preferences in the Threat Stack dashboard. New customers can get started at

About Threat Stack

Threat Stack enables growth-driven companies to scale with confidence by identifying and verifying insider threats, external attacks and data loss in real-time. The only fully integrated, cloud-native continuous monitoring solution that gives companies instant visibility and automatically responds to changes in their environment, Threat Stack provides the coverage needed to run secure and compliant, in all environments, without sacrificing speed and efficiency. For more information, or to start a free trial, visit


Lindsay Sollima
fama PR for Threat Stack
(617) 986-5026
[email protected]