Press Release

Threat Stack Cloud Security Platform® (CSP) Adds Ruleset Customization and One-Click Cloning for Improved Accuracy and Efficiency

Threat Stack, a leader in cloud-native security and compliance management, today announced new, streamlined rules management workflows and one-click cloning capabilities for Threat Stack Cloud Security Platform® (CSP). Together, these enhancements provide next-level customization and automation capabilities to help enable busy IT, security and DevOps professionals to work quickly and efficiently.

“Threat Stack’s new rules management allows us to easily maintain and update our cloud infrastructure’s intrusion detection configuration,” said John de Freitas, Principal Software Engineer, Onshape. “Any change that needs to be propagated across several instances is done once, and we can be confident it’s applied as necessary.”

Security is not a one-size-fits-all solution. Threat Stack offers all users a default set of rules, developed by security experts over several years, to detect a wide range of suspicious behaviors. Threat Stack’s new rules flow customization makes it easier than ever to train the Threat Stack CSP to identify what behaviors are truly anomalous in a given environment for more accurate alerts about real threats.

Additionally, users can easily group sets of behaviors together and apply them across multiple assets, minimizing the time and effort needed to manage security alerting processes. These features can be applied to any Threat Stack alerting rule, which continuously monitor the security of customer environments at the host, container (Docker) and AWS infrastructure levels. Customization capabilities deliver increased value to busy security and operations teams by enabling more streamlined security processes for improved accuracy, efficiency and user experience.

“The enhanced ruleset capabilities improve the speed, automation and usability of our platform in responding to increasingly severe, complex and frequent threats,” said Venkat Pothamsetty, VP of Product Development at Threat Stack. “It’s important to constantly refine the signal-to-noise ratio and Threat Stack’s approach to managing alerts continues to make this easier for our customers.”

The Threat Stack CSP’s all-in-one dashboard includes integrated workload insights, infrastructure monitoring, vulnerability management, threat intelligence and compliance reporting to provide relevant context and automate event correlation across customer environments.

Customers using Threat Stack CSP can now more easily and efficiently:

  • Browse and update rules settings from a unified interface – At-a-glance view provides a holistic view of all the rules and rulesets in a customer environment;
  • Clone existing rules into current or new rulesets – Tailor default rules to match the behavior of an environment; clone suppressions into new rules;
  • Unify File Integrity Monitoring rule management – File rules are now included as part of the associated alert rule, delivering a massive time savings for File Integrity Monitoring.
  • Name rules for easy identification – Easily group and identify sets of behaviors and apply them across multiple assets;

The new Threat Stack Cloud Security Platform enhancements are available immediately to new customers. For more information, please visit

About Threat Stack

Threat Stack enables growth-driven companies to scale with confidence by identifying and verifying insider threats, external attacks and data loss in real-time. The only fully integrated, cloud-native continuous monitoring solution that gives customers instant visibility and automatically responds to changes in their environment, Threat Stack provides the coverage needed to run secure and compliant, in all environments, without sacrificing speed and efficiency. For more information, or to start a free trial, visit