Virtualization Technology News and Information
Article
RSS
Threat Stack Announces Context Enrichment for AWS EC2 Instances

Threat Stack announced new capabilities that help security teams quickly detect and remediate threats in cloud infrastructure.

Threat Stack now enriches Linux host and container events in real time with EC2 metadata like VPC, security group, and DNS names. This added data allows customers to build targeted, infrastructure-aware rules, and machine learning models that dramatically reduce false positives and reduce alert investigation time to minutes.

By correlating workload events with cloud trail events in the Threat Stack Cloud Security Platform, Threat Stack customers will also be able to more rapidly identify threats that span multiple layers of cloud infrastructure.

Finally, enriching workload events with EC2 metadata further informs ThreatML, Threat Stack's machine learning engine that collects, normalizes, and analyzes over 60 billion events per day from customer cloud infrastructure. Threat Stack combines the anomaly detection from ThreatML with a pre-built and configurable ruleset to detect both known and unknown threats in real time.

"With insight into every layer of cloud infrastructure, Threat Stack already had the most in-depth and broad security telemetry in the industry today," said Brian Ahern, CEO, Threat Stack. "The addition of EC2 metadata to our security telemetry is a huge win for our customers as it enables security teams to further reduce their mean time and get back to focusing on proactive security faster."

Published Tuesday, February 02, 2021 12:35 PM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<February 2021>
SuMoTuWeThFrSa
31123456
78910111213
14151617181920
21222324252627
28123456
78910111213