A single, cloud-native platform for workload compliance and security across the entire infrastructure stack, throughout the application lifecycle.
Cloud Posture Management
Identification of changes made to cloud configuration through service provider APIs, including host instances, security groups, IAM policy, and access keys.
Build-time and runtime application security, including developer feedback and live attack detection and blocking.
Real-time, continuous monitoring and protection for Linux and Windows virtual machine workloads.
RESTful APIs and built-in integrations that leverage existing incident response, investigation, and analytics tools.
Container & Kubernetes Security
Detection of risky behaviors, active threats, and configuration issues for containers, container orchestration, and managed container services.
Extend your team’s security expertise and resources with the Threat Stack Cloud SecOps Program℠.
Threat Stack Oversight℠
Reduce mean-time-to-respond with 24/7 monitoring and alert escalation from the Threat Stack Security Operations Center.
Threat Stack Insight℠
Improve your cloud security posture with deep security analytics and a dedicated team of Threat Stack experts who will help you set and achieve your security goals.
Follow along as the Threat Stack Security Team shows how a malicious actor leverages the unique characteristics of the public cloud to launch their attack.
See inside an active cryptomining malware campaign as Threat Stack’s Security Operations Center (SOC) details a recently discovered variant of the Shellbot malware.
Threat Stack offers unique solution packages to meet your cloud security goals.
Trade Up Program
Trade in any competitive solution and receive an invoice credit for current contract towards a Threat Stack plan, a dedicated on-boarding team, and customer service manager.
Compliance for Cloud Workloads
Demonstrate continuous monitoring to auditors with pre-built rulesets and compliance reports that map to major regulatory compliance requirements like PCI-DSS, HIPAA, and SOC 2.
Security for AWS
Integrate Threat Stack with AWS to monitor changes and misconfigurations across multiple accounts and services.
Monitor for anomalous or risky behaviors across host, container, and container orchestration to alert you to signs of compromise.
Detect and remediate vulnerabilities across your infrastructure.
File Integrity Monitoring
Monitor for creates, deletes, opens, and edits to secret files to identify nefarious activity and satisfy compliance requirements.
Correlate security signals across your entire infrastructure stack with flexible built-in integrations, APIs, and data lake integration for SIEM.
Bring Security and DevOps teams together: Deploy in minutes and auto-scale with configuration management tools and Kubernetes to monitor cloud-native resources throughout the build pipeline.
Monitor all of your de-coupled, stateless, polyglot services in a single solution, even when they’re built and deployed in separate pipelines by different teams.
Fargate Security Monitoring
Threat Stack fills the visibility gap for managed container services like AWS Fargate, with process tracking and detailed netflow metadata.
View Resource Center
eBooks & Whitepapers
Customer Case Studies & Testimonials
Cloud security tips, insights, and ideas.
Stay up to date with the latest press releases, news, and events from Threat Stack.
Watch a sophisticated cloud attack and learn the necessary steps to prepare yourself.
Meet the Threat Stack leadership team.
Building a great company starts with building a great team.
55 Summer Street
Boston, MA 02110
Hear what our customers explain how Threat Stack has made them more successful and secure.
Become a Threat Stack Partner.
How can we help you?
Threat Stack is committed to protecting your privacy through our compliance with the policies and practices in this notice.
This notice applies to information we collect:
It does not apply to information collected by:
By accessing or using the Site, you agree to the policies and practices described in this notice. If you do not agree with our policies and practices as described in this notice, you may not use the Site. We may change this notice from time to time. Your use of the Site at any time indicates your acceptance of the version of this notice posted on the Site at such time, so please check this notice periodically for updates.
The Site is not intended for use by children under 13 years of age, and we do not knowingly collect any information from or about children under 13. If you are under 13, do not use the Site for any reason. If we discover that we have collected or received personal information from or about a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information about a child under 13, please contact us at [email protected].
We collect several types of information from and about users of the Site, including information:
We collect this information:
The information we collect on or through the Site may include:
If you use features of the Site that are designed to be shared, such as with other users in your organization, or if you participate in an event that includes other individuals, such as other users in your organization or other participants in a user community or discussion forum, you also may provide information to be posted or otherwise shared with such other individuals (collectively, “User Contributions”). Your User Contributions are posted and/or transmitted at your own risk. We limit access to certain areas of the Site according to our your or your organization’s configuration settings, but you acknowledge that no security measures are perfect or impenetrable. In addition, you acknowledge that we cannot completely control the actions of other users of the Site with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed, copied or stored by unauthorized persons.
As you navigate through and interact with the Site, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including:
The information we collect automatically is statistical data and may include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. This information helps us to:
The technologies we use for automatic data collection may include:
We use information that we collect about you or that you provide to us:
We may also use your information to contact you about our own products and services that may be of interest to you. If you do not want us to use your information in this way, you can elect not to be contacted for this purpose by contacting us at [email protected].
We may disclose aggregated, anonymized information about our users without restriction.
We may disclose personal information that we collect or you provide as described in this notice:
If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by contacting us at [email protected].
We do not control third parties’ collection or use of your information from other sources to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can opt out of receiving targeted ads from members of the Network Advertising Initiative its website link to http://optout.networkadvertising.org/?c=1#!/.
You can review and change certain elements of your personal information by logging into the Site and visiting your account profile page.
You may also send us an email at [email protected] to request access to, correct or delete any personal information that you have provided to us. We cannot delete all of your personal information except by also deleting your user account. We may not accommodate a request to delete or change information if we believe the deletion or change would violate any law or legal requirement or cause the information to be incorrect or if we have a separate legal basis for possessing and processing such information, such as to fulfill the terms of a contract between you or your organization and us.
We retain personal data only for as long as reasonably required for the purpose for which it was collected or to which you have given your consent. Your personal information that we use for marketing purposes will be kept until you notify us at [email protected] that you no longer wish to receive marketing communications from us.
We have implemented reasonable and appropriate measures to secure your personal information from accidental loss and from unlawful or unauthorized access, use, alteration, and disclosure. You can read more about our specific security measures at the security page on the Site at https://www.threatstack.com/security. The Site is hosted on secure servers provided by our hosting services provider in the United States (“US”).
The safety and security of your information also depends on you. For example, where we have given you (or where you have chosen) a password for access to certain parts of the Site, you are responsible for keeping this password confidential.
The Site is located in the US, and while we provide our intrusion detection services to customers throughout the world, we handle certain customer data in the US. We recognize that the European Union (“EU”) has established strict protections regarding the handling of personal data originating in the EU, including requirements to protect fundamental rights and freedoms of individuals and to provide adequate protection for EU personal data transferred outside of the EU. We are committed to processing personal data in accordance with our obligations as a data “processor” or “subprocessor” under applicable EU data protection laws. If your organization is based in the EU or is otherwise directly or indirectly subject to EU data protection laws, including Regulation 2016/679 (the “General Data Protection Regulation”), we have executed, or upon request by your organization will execute, and have otherwise committed to comply with the applicable standard contractual clauses approved by the European Commission related to our processing or subprocessing of personal data in connection with the services we provide to your organization as our customer. For our customers to which such EU data protection laws apply, these requirements under include:
We will inform you of any changes we make to our privacy policies and practices that affect this notice by posting an updated notice on this page on this page. The date this notice was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting the Site and this notice to check for any changes.
To ask questions or comment about this notice and our privacy policies and practices, please contact us at: [email protected]. For information about personal information provided to us by or through your organization, please contact the appropriate representative at your organization.