Threat Stack Blog and Cloud Security News

Continuous security monitoring for your cloud.

How to Use Automation to Improve Your Cloud Security Posture

by Tim Armstrong , posted in Cloud Security, Automation, Cloud Security Use Cases Playbook, Cloud Security Use Cases, Process Automation, Automated Monitoring and Alerting

Cloud Security Use Cases Part 3-2 Blog Banner.jpg

Automating security processes and workflows can help teams lower Mean Time To Resolution (MTTR), maintain or strengthen an organization’s security posture, and drive operational efficiency. Sounds pretty good, right?

In our recent Cloud Security Use Cases Playbook, we took a look at the key operational processes that all teams should have in place and some of the ways they can continually optimize those processes over time. Today, let’s take a look at how automation can provide ongoing, deep visibility and supercharge your security operations, all while saving you time and resources.

Read More [fa icon=long-arrow-right"]

Jan 27, 2017 10:34:23 AM

[fa icon="comment"] 0 Comments

Jun 10, 2016 1:47:14 PM

[fa icon="comment"] 0 Comments

The Weekly Security and DevOps News Brief

by The Threat Stack Team , posted in Security, DevOps, SecDevOps, Automation, SecOps


A lot happened in the world of security and DevOps this week. Here are the top posts we saw:

Read More [fa icon=long-arrow-right"]

Mar 11, 2016 2:41:49 PM

[fa icon="comment"] 0 Comments

Behavioral Threat Monitoring Without Models

by Aaron Botsis , posted in Announcements, Agent, Policy, Behavior, Automation

One of the great things about the cloud is the ability for companies to grow and shrink their infrastructure elastically to meet varying levels of demand. What many people don’t think about is how to secure this sprawl of cloud compute instances. As new systems are deployed, how do you enforce a policy on them? How do you look for anomalous behavior when an instance hasn’t been up long enough to determine a baseline?

Cloud Sight has solved this problem from day 1 with our policy framework. Our policies encompass all attributes of an instance’s security posture: alert rules, file integrity rules, firewall rules, so many rules! But also, each policy has a unique, learned behavioral model associated with it. For example, an Apache web server process doesn't usually fork /bin/sh. When our agent is activated, the instance’s baseline is already established from its peers which enables us to immediately start monitoring for anomalies.

Read More [fa icon=long-arrow-right"]

Jun 10, 2014 5:01:00 PM

[fa icon="comment"] 0 Comments

Subscribe via email:

Posts by Topic

see all