Platform
A single, cloud-native platform for workload compliance and security across the entire infrastructure stack, throughout the application lifecycle.
Cloud Posture Management
Identification of changes made to cloud configuration through service provider APIs, including host instances, security groups, IAM policy, and access keys.
Application Security
Build-time and runtime application security, including developer feedback and live attack detection and blocking.
Host Security
Real-time, continuous monitoring and protection for Linux and Windows virtual machine workloads.
Workflow Integrations
RESTful APIs and built-in integrations that leverage existing incident response, investigation, and analytics tools.
Container & Kubernetes Security
Detection of risky behaviors, active threats, and configuration issues for containers, container orchestration, and managed container services.
Program Overview
Extend your team’s security expertise and resources with the Threat Stack Cloud SecOps Program℠.
Threat Stack Oversight℠
Reduce mean-time-to-respond with 24/7 monitoring and alert escalation from the Threat Stack Security Operations Center.
Threat Stack Insight℠
Improve your cloud security posture with deep security analytics and a dedicated team of Threat Stack experts who will help you set and achieve your security goals.
Cloud Attack
Follow along as the Threat Stack Security Team shows how a malicious actor leverages the unique characteristics of the public cloud to launch their attack.
Shellbot
See inside an active cryptomining malware campaign as Threat Stack’s Security Operations Center (SOC) details a recently discovered variant of the Shellbot malware.
Plans Overview
Threat Stack offers unique solution packages to meet your cloud security goals.
Trade Up Program
Trade in any competitive solution and receive an invoice credit for current contract towards a Threat Stack plan, a dedicated on-boarding team, and customer service manager.
Compliance for Cloud Workloads
Demonstrate continuous monitoring to auditors with pre-built rulesets and compliance reports that map to major regulatory compliance requirements like PCI-DSS, HIPAA, and SOC 2.
Security for AWS
Integrate Threat Stack with AWS to monitor changes and misconfigurations across multiple accounts and services.
Intrusion Detection
Monitor for anomalous or risky behaviors across host, container, and container orchestration to alert you to signs of compromise.
Vulnerability Assessment
Detect and remediate vulnerabilities across your infrastructure.
File Integrity Monitoring
Monitor for creates, deletes, opens, and edits to secret files to identify nefarious activity and satisfy compliance requirements.
SIEM
Correlate security signals across your entire infrastructure stack with flexible built-in integrations, APIs, and data lake integration for SIEM.
DevSecOps
Bring Security and DevOps teams together: Deploy in minutes and auto-scale with configuration management tools and Kubernetes to monitor cloud-native resources throughout the build pipeline.
Secure Microservices
Monitor all of your de-coupled, stateless, polyglot services in a single solution, even when they’re built and deployed in separate pipelines by different teams.
Fargate Security Monitoring
Threat Stack fills the visibility gap for managed container services like AWS Fargate, with process tracking and detailed netflow metadata.
View Resource Center
Blog
Cloud security tips, insights, and ideas.
Newsroom
Stay up to date with the latest press releases, news, and events from Threat Stack.
Press Kit
Watch a sophisticated cloud attack and learn the necessary steps to prepare yourself.
Company
Meet the Threat Stack leadership team.
Careers
Building a great company starts with building a great team.
Contact
55 Summer Street Boston, MA 02110
Customers
Hear what our customers explain how Threat Stack has made them more successful and secure.
Partnerships
Become a Threat Stack Partner.
FAQ's
How can we help you?
Please enable JavaScript in your browser for better use of the website, some features like forms and videos use Javascript in order to display the elements.
Download the Threat Stack Security Overview
For the second year in a row, Threat Stack has completed a Type 2 SOC 2 examination for the Security and Availability Trust Services Principles for the intrusion detection platform and Oversight℠ service offerings. See our announcement here.
The SOC 2 report provides assurance to our customers and our own team that the organization has designed and implemented effective security controls as defined in the SOC 2 standards set forth by the American Institute of Certified Public Accountants (AICPA).
A copy of our SOC 2 report is available upon request. Please contact your sales representative or account team.
Threat Stack is committed to data privacy and security, including complying with and, where applicable, helping our customers and users comply with the EU General Data Protection Regulation (GDPR). GDPR is the comprehensive EU-wide data privacy law that went into effect on May 25, 2018. Besides strengthening and standardizing user data privacy across the EU, it introduced new or additional obligations on all organizations that handle EU residents’ personal data, regardless of where the organizations are located.
Read the Full Threat Stack GDPR Overview
Security, compliance, and privacy are first class citizens at Threat Stack, no more or less important than any of our other operating principles. Here are some popular features in the Threat Stack intrusion detection platform that our customers leverage to use the product more securely.
Threat Stack never stores or receives credit card and payment information on its systems. We’ve partnered with a third-party, PCI-certified vendor for credit card processing.
At Threat Stack we take any reports of vulnerabilities seriously. If you encounter a security issue with any of our software or services, please report it to [email protected] We have an internal SLA for responding to such issues, and are committed to responding and fixing any issues promptly.
Please note that it is against our Terms of Service to run automated security scanning tools against our system without prior approval.
If you feel it is necessary due to the sensitivity of your message, PGP encrypt the contents of emails to [email protected] with the Key ID 523A9C07, which is available on the standard key servers. Doing so will likely delay our response as only certain team members are able to decrypt that key.
This site uses cookies to provide better user experience. By using this site, you are accepting our use of cookies. View Privacy Policy.