AWS Fargate Security Monitoring

Threat Stack fills the visibility gap for AWS Fargate with process tracking and detailed netflow metadata.

The Threat Stack Approach


AWS assumes more responsibility for Fargate operations, but there’s still attack surface to account for. Threat Stack has you covered by looking deeply into Fargate runtime metadata, and contextualizing it with activity from AWS CloudTrail and the application layer.


Threat Stack’s platform provides out-of-the-box detection rules for suspicious behaviors, so you can spot threats sooner. Threat Stack Container Security Monitoring for AWS Fargate also calculates statistics on network metadata, allowing for precise behavioral baselines that inform future investigations.


Managed container services lend themselves well to immutable infrastructure. When unexpected processes or traffic patterns appear, you need to know ASAP. Threat Stack ensures effective change controls for Fargate, with deep visibility that proves compliance.

How It Works

The Threat Stack Fargate Agent deploys as a sidecar as part of your ECS task definition. The Agent receives its own resources, and as part of the task, it even monitors intra-task traffic that doesn’t appear in VPC Flow Logs. Proximity to the task’s containers also allows the Threat Stack Fargate Agent to capture runtime process activity for advanced alerting and compliance auditing use cases.
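A coverage check for the sidecar model described above, as an added example that is not Threat Stack's own code: it flags Fargate task definitions that lack a monitoring sidecar or give it no dedicated CPU or memory. The image prefix, function names and sample task definitions are assumptions constructed for illustration; the JSON keys are the standard ECS task definition fields.

```python
# Placeholder (assumption): replace with the agent image your vendor documents.
AGENT_IMAGE_PREFIX = "registry.example.com/monitoring-agent"

def audit_task_definition(task_def, agent_prefix=AGENT_IMAGE_PREFIX):
    """Return coverage findings for one ECS task definition (empty list = OK)."""
    if "FARGATE" not in task_def.get("requiresCompatibilities", []):
        return []  # out of scope: not a Fargate task
    containers = task_def.get("containerDefinitions", [])
    sidecars = [c for c in containers
                if c.get("image", "").startswith(agent_prefix)]
    if not sidecars:
        return ["no monitoring sidecar in task"]
    findings = []
    for c in sidecars:
        name = c.get("name", "?")
        # The sidecar needs its own reservation so it is not starved by the app.
        if not c.get("cpu"):
            findings.append(f"sidecar {name}: no CPU units reserved")
        if not (c.get("memory") or c.get("memoryReservation")):
            findings.append(f"sidecar {name}: no memory reserved")
    return findings

def audit_all(task_defs):
    """Map task family -> findings, keeping only families with gaps."""
    report = {}
    for td in task_defs:
        findings = audit_task_definition(td)
        if findings:
            report[td.get("family", "?")] = findings
    return report

# Constructed sample task definitions (not from any real account).
SAMPLE_TASK_DEFS = [
    {"family": "web-covered", "requiresCompatibilities": ["FARGATE"],
     "containerDefinitions": [
         {"name": "web", "image": "registry.example.com/web:1.4", "cpu": 256, "memory": 512},
         {"name": "agent", "image": AGENT_IMAGE_PREFIX + ":2", "cpu": 128, "memoryReservation": 256}]},
    {"family": "batch-uncovered", "requiresCompatibilities": ["FARGATE"],
     "containerDefinitions": [
         {"name": "worker", "image": "registry.example.com/worker:7", "cpu": 512, "memory": 1024}]},
    {"family": "api-starved-agent", "requiresCompatibilities": ["FARGATE"],
     "containerDefinitions": [
         {"name": "api", "image": "registry.example.com/api:3", "cpu": 256, "memory": 512},
         {"name": "agent", "image": AGENT_IMAGE_PREFIX + ":2"}]},
    {"family": "legacy-ec2", "requiresCompatibilities": ["EC2"],
     "containerDefinitions": [
         {"name": "cron", "image": "registry.example.com/cron:1", "memory": 128}]},
]

if __name__ == "__main__":
    for family, findings in audit_all(SAMPLE_TASK_DEFS).items():
        print(family, "->", "; ".join(findings))
```

To run it against a real account, feed it the `taskDefinition` object returned by `aws ecs describe-task-definition` for each active family.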
