Threat Stack Blog and Cloud Security News

Continuous security monitoring for your cloud.

Who is Responsible for a Security Breach?

by Palen Schwab , posted in Cloud Security, Monitoring, Alerts, Cloud Context, Mean Time to Resolution

TS16031_ThreatStack_ResponsibleSecurityBreach_BlogImg-2.jpg

Before you can assign responsibility for a security breach, you need to go back to the scene of the crime and understand where it originated. No easy task given the dynamic and complex nature of cloud computing environments.

Read More [fa icon=long-arrow-right"]

Jun 30, 2016 8:56:58 AM

[fa icon="comment"] 0 Comments

The Case of the Missing Context (And Why Cloud Security Needs It)

by Palen Schwab , posted in Incident Response, Cloud Security Strategy, Cloud Security Platform, Cloud Context

detective.jpg


Dr. Watson is the intellectual and gentlemanly sidekick of fictional detective Sherlock Holmes. With Watson at his side, Sherlock is able to better navigate the complexities of human emotion (not his forte), so Sherlock leans on Watson, and understandably so. They make a good pair.

But while Watson is able to solve the odd mystery himself, only the highly observant Sherlock, with his machine-like analytical mind, is able to produce the insight needed to crack their toughest cases.

You can think of cloud security in the same way. A basic cloud security system will probably alert you to many of the biggest, most obvious attacks. But without sufficient context, you won’t be able to see the full scope of impact. You won’t know where it has spread in your system or what kind of damage it has done. Even if you manage to stop it in one area, you may not succeed in defeating it, and the ramifications can be distressing.

Cloud context gives you the clarity of a Sherlock Holmes.

Read More [fa icon=long-arrow-right"]

Mar 22, 2016 12:54:18 PM

[fa icon="comment"] 0 Comments

Contextual Data: Answering Who, What, Where, When?

by Venkat Pothamsetty , posted in Incident Response, Insider Threats, root cause analysis, Cloud Context, Threat Stack Cloud Security Platform

What if one day you came home and a bunch of your valuables had been stolen: computers, jewelry, that big screen TV... When you call the police to report the burglary, the first thing they will ask for to begin the investigation is context:


What time did it happen?

Was there a break-in? If not, who had keys to your house?

Where were your valuables being stored?

The more information they have, the better the chances they they will track down the culprit and get your stuff back. Now, if you have a home surveillance system set up—say, a Dropcam or Canary —they’re going to have even more information to work with: timestamps, video footage, audio, etc.

All in all - the more context you have, the better. The same applies to cloud security. When something goes awry, context is what guides you about what to do, where to start investigate, who’s at fault?

Read More [fa icon=long-arrow-right"]

Mar 11, 2016 12:03:09 PM

[fa icon="comment"] 0 Comments

Subscribe via email:

Posts by Topic

see all