Virtualization Technology News and Information
Threat Stack Expands Threat Coverage to Containers & Cloud Trail, Enhances Workload Security with Introduction of Threat Stack Pro Edition

Threat Stack, Inc., a leading provider of continuous security monitoring for companies running on Amazon Web Services (AWS), today expanded its product set with the launch of Threat Stack Pro Edition. Unveiled at AWS re:Invent 2015, Threat Stack Pro Edition provides growth-driven companies total flexibility in workload security. The product includes access to the full-featured Threat Stack API, new reporting features and new integrations with Docker and AWS CloudTrail.

“It’s important to companies that their security products allow them to scale with confidence, achieve compliance and operate efficiently,” said Threat Stack Chairman and CEO Brian Ahern. “Our Pro Edition moves customers closer to a single pane of glass with the ability to share Threat Stack’s powerful insights with the other tools and processes that keep them moving fast. AWS re:Invent is the perfect place to introduce this important new offering that illustrates our momentum.”

The addition of Threat Stack Pro Edition to the company’s product family further demonstrates how Threat Stack is scaling its business amidst record growth in its customer base. Other products in the Threat Stack product family include Threat Stack Basic Edition, Threat Stack Advanced Edition and the recently introduced Threat Stack Oversight managed security service.

New Docker and AWS CloudTrail Integration

Threat Stack Pro Edition enhances operational efficiency by integrating Threat Stack’s deep insights with a company’s existing operations and security workflows. In addition to full API access and PagerDuty integration, Threat Stack Pro Edition adds integration with Docker and AWS CloudTrail.

With the support of Docker events in Threat Stack, users gain complete visibility into key events within their environment. The integration includes out-of-the-box default rules - the Docker Base Rule Set - as well as the ability for users to easily apply custom rulesets to their environment. Container activity flows through and integrates seamlessly into the security, operations and compliance feature sets of Threat Stack, empowering companies to operate quickly and with confidence.

“Docker use is exploding and the correlation of a host-based intrusion detection system (HIDS) with Docker and AWS CloudTrail is what gives Docker users the vital context they need to act swiftly on a security incident,” said Venkat Pothamsetty, Threat Stack’s vice president of products. “This integration is what makes the Threat Stack Pro Edition solution unique and gives customers operating on AWS with Docker additional information to evaluate their security strategy, to ensure all activity within their application environment is secure and compliant.”

“As our service footprint grows beyond traditional compute nodes, keeping track of changes to our AWS environment is just as important as monitoring security events on our server instances,” said Matt Krieger, Platform Security Engineer at Sport Ngin. “Threat Stack's CloudTrail integration adds this important level of visibility to the same pane of glass our engineers already use. Since we use a number of DevOps tools to manage our infrastructure, alert rules allow us to keep an eye on all changes regardless of how they were made.”

Threat Stack Pro Edition intelligently monitors AWS workloads continuously for changes in user, process and file behavior, and recognizes when activities deviate from the norm. This provides an early warning against threats so a security team can investigate, verify and take action before an event escalates. In contrast to traditional, signature-based recognition systems, Threat Stack provides better protection against new, unknown threats and identifies whether they are malicious or accidental in nature.

Threat Stack also provides the real-time visibility and historical records companies need to prevent data loss and meet compliance regulations. Threat Stack Pro Edition features key file tracking and reporting to ensure important files stay protected; user and alert reporting to understand how a user escalated or changed their privileges to root; and compliance reporting for regulations including HIPAA, PCI DSS, SOC 2, ISO 27001 and SOX 404.

Companies have the option of adding Threat Stack’s Oversight service to gain unlimited access to Threat Stack Security Experts who deploy, configure, fine-tune, and manage the Threat Stack continuous security monitoring solution. When Oversight identifies real threats, customers are alerted so they can verify and take action. This effectively eliminates the need for in-house monitoring and allows companies to run secure and compliant, without sacrificing time and resources.

For more information about Threat Stack Pro Edition, go to

Published Tuesday, October 06, 2015 10:37 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<October 2015>