Threat Stack Blog and Cloud Security News

Continuous security monitoring for your cloud.

Jen Andre

The heart of Threat Stack's innovation and product vision, Jen is passionate about designing the next generation of security tools for our modern infrastructure. Before co-founding Threat Stack, Jen worked on Mandiant's Research and Development team under Jamie Butler, developing innovative tools to analyze malware. At Symantec, she worked on the development team, architecting a backend that processed tens of terabytes of security data every day, and as a security analyst in Symantec's Managed Security Services division, which was aimed at protecting the Fortune 500 against threats.

Recent Posts

Threat Stack at the 2014 RSA Conference

by Jen Andre, posted in EVENTS, RSA


We’re excited to announce that we’ll be exhibiting at RSA for the very first time this year. Security experts from all over the world will be attending, including many of our own customers, and we hope to see you there as well!

Where: South Exhibit Hall Booth #402 at the Moscone Center

When: February 24-28, 2014

What: Talk with our founding team and see demonstrations of our flagship cloud security monitoring platform, Cloud Sight (we also have a few surprises for you).

Join: Use our Expo Pass Code EC4TRSK to register for a free Exhibit Hall Pass. The deadline to redeem is Friday, February 21, 2014.

Feb 5, 2014 5:18:00 PM

Cloud Server Forensics Take Center Stage

by Jen Andre, posted in Cloud Security, Cloud Forensics

At Threat Stack, we’re constantly exploring ways to advance cloud server forensics. We’re especially attentive to this area of cloud security, which is becoming more critical as the cloud grows as an attack vector.

Forensic logs can lay out the scope of an attack that’s occurred on your servers, but getting to the bottom of what’s been done is usually much easier said than done. In fact, you can easily find yourself paying up to $600/hr for a security consultant to do this exact work if you don’t have the right tools in the first place. But what does it mean to have the right tools?

Do existing methods work?

Jan 15, 2014 5:19:00 PM

“Yt? Seeing something odd in the logs…”

by Jen Andre, posted in Linux Security, Logs

A tale of a suspicious Linux process (with a dash of dog food thrown in)

The other day my coworker informed me, "Hey, there’s a weird process making network connections on your box." A dreaded string of words if there ever were any for the security-conscious developer.

Dec 26, 2013 5:20:00 PM

Cloud Security Is Always Your Responsibility

by Jen Andre, posted in Cloud Security, Continuous Security Monitoring, Endpoint Behavioral Profiling

Too many times we hear and read about how insecure the cloud is or worse — that the cloud is already secure because IaaS providers have security groups and protection capabilities. These ideologies are all too common and far too wrong. By using outsourced cloud infrastructure, you are only outsourcing your infrastructure, not your security. Security is always your responsibility.  

Dec 18, 2013 5:21:00 PM

Richard Bejtlich and Chris Wysopal Join Threat Stack Advisory Board

by Jen Andre, posted in Security, Advisors

Since starting Threat Stack in November of 2012, it has been our mission to create the most powerful security monitoring and forensics platform built specifically for the cloud. Since then, we’ve been honored and humbled to work with many of the world’s top cloud and security providers and experts.

Now, we’re excited to announce that Richard Bejtlich, CSO of Mandiant, and Chris Wysopal, CTO and co-founder of Veracode, have joined the Threat Stack Advisory board.

Dec 3, 2013 5:22:00 PM

Cloud Security is Not a Binary Question

by Jen Andre, posted in Risk Management, Cloud Security, Breaches

If you think Rick Spickelmier is correct, you’re dead wrong.

Recently, an article in Pando Daily asserted that the “cloud” is secure  —  so, long live the cloud, stop worrying and learn to love the cloud. Right??

Nov 21, 2013 5:23:00 PM

Our new Snorby Cloud sensor setup is amazing

by Jen Andre, posted in Security Monitoring, Linux Security, Network security monitoring, Snorby

When Dustin developed and launched Snorby in 2009, he had a vision of creating an application that made the process of analyzing and classifying events as simple as possible for analysts. While this helped make NSM accessible to more people, the process of actually deploying the sensor infrastructure remains cumbersome.

Nov 7, 2012 5:07:00 PM

Threat Stack - Let's Make Network Security Monitoring work.

by Jen Andre, posted in Security Monitoring

It’s 2012.  Why is Network Security Monitoring still so hard?

Oct 8, 2012 5:26:00 PM