Threat Stack Blog and Cloud Security News

Continuous security monitoring for your cloud.

Tom McLaughlin

As the Engineering Advocate at Threat Stack, Tom uses his experience in cloud infrastructure / security to solve problems and provide great insight into solutions. He loves finding new and interesting ways of safely and securely automating infrastructure. When not at work he is a proud cat dad to two calicoes and enjoys spending his time drag racing and sailing. He is also an amateur thinkfluencer on Twitter at @tmclaughbos.

Recent Posts

Packaging a Python Flask Web Service Using Chef Habitat

by Tom McLaughlin, posted in Cloud Security, Web Services, Python, Chef, Habitat

One of the challenges of building open source tools is figuring out how to package and distribute them. This is particularly true with web services. To make building, deploying, and running web services easier, Chef created Habitat.

When building open source web services for Threat Stack, one of our concerns is how to package these Python Flask applications so they run in the widest array of environments with low adoption friction. Using Habitat, the process is quick and easy.

For this post, we’re going to focus on the specifics of packaging a Python Flask application and the particular needs of that stack.

Feb 22, 2017 1:02:18 PM

Cloud Security Best Practices: Finding, Securing, & Managing Secrets, Part 1

by Tom McLaughlin, posted in Cloud Security Best Practices, Cloud Security Maturity, Managing Secrets

Secrets — passwords, API keys, secure tokens, private keys, and so on — protect access to sensitive resources in your environment. If not properly managed, they can end up in the wrong hands.

In Part 1 of this post, we will show you best practices for finding secrets. In Part 2, we will explain how to manage them using appropriate software tools in order to quickly and cost-effectively achieve a higher level of security.

Feb 21, 2017 2:23:48 PM

Python Flask Exception Handling In A Secure Manner

by Tom McLaughlin, posted in Cloud Security, Exception Handling, Python, Flask, Python Flask Exception Handling

In our last Python Flask blog post, we walked through building a simple application to take in a Threat Stack webhook and archive the alert to AWS S3. In this post, we’ll dive into Python exception handling and how to do it in a secure manner.

The code in the last post was written to be as simple and readable as possible. However, what happens if something goes wrong in our application? There’s no error or exception handling. If something goes wrong — for example, we hit a bug or receive bad data — there’s nothing we can do about it in the application. Instead of returning a parseable JSON response, the app will just spit back a backtrace embedded in an HTML document. The entity sending the request to our service is then left trying to figure out what may have gone wrong.

Feb 9, 2017 2:02:31 PM

Planning Your Cloud Security Program

by Tom McLaughlin, posted in Cloud Security Strategy, Security Awareness Program, Industry Best Practices, Cloud Security Maturity, Security Baseline

As we stated in the introduction to this blog post series, our purpose is to give you insight into the issues you should address when you are at the early stages of establishing a cloud security program.

If your organization is just starting out on its cloud security journey — whether it’s a rapidly growing startup or a more established company — it’s important to develop a strategic security roadmap that’s suited to its early-stage maturity level. You should not reasonably expect to go from no security or rudimentary security to a full-blown, encompassing program in one step. It’s far better to take a graduated approach by defining objectives that will give you reasonable protection now, that won’t drain your budget and resources (and possibly divert critical resources and attention away from your company’s primary business goals) — and that will also serve as a rock solid platform to build on when you want to move up to the next level of maturity on the cloud security ladder.

What you need is an end-to-end roadmap that will get you started in security, address your first round of security concerns, and noticeably and measurably improve your security stance, all in a reasonable amount of time and for a reasonable expenditure of money and resources.  

And that’s exactly what we’ll do in this post: walk through five steps that will help you develop a strategic action plan that includes defined goals and is targeted at your organization’s specific maturity level, needs, and resources.

Feb 7, 2017 10:11:51 AM

Threat Stack Blog Series: Starting Your Cloud Security Journey

by Tom McLaughlin, posted in Cloud Security, Cloud Security Maturity Strategy, Blog Post Series, Cloud Security Maturity

More and more companies are migrating to the cloud — and for good reason considering the many benefits such as speed, flexibility, and reduced costs.

One of the key questions that always comes up in this transition centers on cloud security. Not so much in the form of “Is the cloud secure?” but more in terms of “What is your company doing to make sure its infrastructure is secure?”

In the best scenario, companies include cloud security in their business plan on day one. In the worst case, they limp along for years without a strategically planned, comprehensive security roadmap that will provide real protection for their IP, data, systems, customers, and reputation.

In both cases, these organizations have one thing in common: Regardless of how long they’ve been in business, they are at an early stage of cloud security maturity. They are just starting out on their cloud security journey.

And that’s where we can help.

Feb 3, 2017 1:04:22 PM

Writing a Web Service Using Python Flask

by Tom McLaughlin, posted in Cloud Security, Security, Web Services, Python, Flask, Establishing Security, Python Flask Web Service

Many of our customers are building useful services using our webhook feature — but unfortunately, others are not. Often we hear that no one on their team is proficient enough to write a service that can ingest a webhook payload and do something with the data. That leaves them either hoping to get cycles from their development team (unlikely) or continuing to do without.

But what if you could write your own web services? How many routine tasks that involve taking data from system A and inputting it into system B could you automate? 

Learning to code well enough can be a major skill in your tool chest and a major asset for optimizing security processes in your organization.

So in this post, I’m going to walk you through a tutorial that will get you started on the road to writing your own web services using Python Flask.

Jan 26, 2017 11:32:09 AM

Boston Cloud Security & Incident Management Workshop Recap

by Tom McLaughlin, posted in Cloud Security, DevOps, SecOps, PagerDuty, DevSecOps, Incident Management, Workshop, Cloud Security Maturity Model

Last night we got together with our good friends from PagerDuty to host an event at District Hall in the Seaport area of Boston. It was a fun evening, offering product-related presentations, a wide-ranging panel discussion, and an opportunity to socialize with friends, colleagues, and other like-minded folks.

Before we go further, you may ask why we’re teaming up with PagerDuty. PagerDuty and Threat Stack have a tight product integration that enables you to manage all types of alerts in one place, making sure you have an end-to-end security solution that alerts you when the unexpected occurs. A great combination!

Jan 13, 2017 4:29:58 PM

Post Mortem: Death Star Data Breach by ROGUE ONE

by Tom McLaughlin, posted in Security, data breach, Post-Mortems, Star Wars, Rogue One

Recently the Galactic Empire's Death Star plans were leaked due to a security breach on the planet Scarif. A threat actor known as ROGUE ONE carried out the breach with support from the Rebel Alliance fleet. This post mortem has been commissioned by the Imperial Security Bureau and documents what is currently known while active investigation continues.

This breach is not expected to delay construction of the Death Star. The battle station is expected to be operational by its previously announced date, if not before.

Dec 16, 2016 4:00:29 PM

The USENIX LISA 2016 Conference: In Their Own Words

by Tom McLaughlin, posted in Cloud Security, Security, Compliance, SecOps, LISA16 Conference, Boston, USENIX, Cost Containment

The USENIX LISA 2016 Conference wrapped up a week ago after a tremendous five-day program of workshops, training sessions, presentations, talks, and more. Our own Pat Cable, Threat Stack Security Engineer, lent his expertise as “Invited Talks Co-Chair,” and Threat Stack was a proud sponsor of the event.

Full-length presentations and videos will soon be available on the LISA site, but we thought it would be fun and informative to follow LISA’s motto of “More Craft, Less Cruft” by bringing you short video interviews with five LISA16 attendees and presenters.

So in their own words, here’s what they had to say about their favorite projects, the importance of security, and anything else that was top of mind.

Dec 16, 2016 1:26:23 PM

AWS re:Invent 2016 Sets Records for New Services and Attendance

by Tom McLaughlin, posted in Cloud Security, Security, AWS ReInvent, AWS Services

AWS re:Invent 2016 has come and gone and what an event it was! This year had a record-breaking attendance of more than 30,000 people, showing the tremendous interest in all the advantages that the cloud has to offer. The expo floor (where Threat Stack was a Gold Sponsor) mirrored this growth, with exhibitors ranging from many new vendors to full-scale enterprise offerings with multi-floor architectures. It's clear from this year's re:Invent that the cloud industry has moved out of its infancy into full-scale adoption across a vast number of implementations.

So, what were our team's key takeaways? It’s become clear that security is no longer a tax, but rather an investment into long-term organizational growth and success. Given the cloud’s explosive growth, security must be considered early on rather than as an afterthought. In addition to a strong interest in security, AWS launched many new services that will help to accelerate cloud adoption and enable companies to move even faster.

Dec 5, 2016 1:32:36 PM
