Watch a sophisticated cloud attack and learn the necessary steps to prepare yourself.
The Threat Stack Security Operations Center has observed numerous malicious actors leveraging the unique characteristics of public cloud environments to launch or hide their breaches. These SOC findings detail those specific attacks and give you steps to prevent similar incidents from happening in your environments.
Over the past two years, the Threat Stack Security Team has observed strong evidence of malicious actors leveraging the unique characteristics of public cloud environments to launch or hide their breaches. The following page shows an example of a common attack pattern observed by the Threat Stack Cloud Security Platform®.
Threat Stack’s Security Operations Center (SOC) recently discovered an ongoing and evolving cryptojacking campaign that leverages a new variant of the Shellbot malware, originally discovered by JASK in November 2018 and published in February 2019. In this new variant of the Shellbot campaign, Threat Stack has identified the addition of a new SSH brute force tool, a secondary command and control method, and the added ability to stop other cryptominers on infected servers.