Collaborate Disseminate
Compliance is essential, and organizations need to get it right. Despite the importance of compliance, organizations often treat it as an afterthought, rather than a business driver. Some see it as a hurdle or uninvited challenge, even though it can ha… Continue reading Aligning SecOps Teams With Compliance Roadmaps
The adage “Everything old is new again,” rings true in the cybersecurity industry as much as anywhere else. Some of the best practices from old-school network security still apply to modern virtual server or containerized environments. Even… Continue reading Three Old-School Network Security Tips That (Still!) Work for Modern Infrastructure
That’s right. The tl;dr is that Threat Stack is launching a podcast series called Your System Called — and I’ll be hosting it. You can access the podcast on iTunes, subscribe via RSS, or preview the first two episodes below…. Continue reading Introducing Threat Stack’s New Podcast: “Your System Called”
Our Motto is: Threat Modeling: The sooner the better, but never too late. — OWASP The practice of creating a threat model can help teams proactively understand and develop a strategy for managing the possible vulnerabilities their organization fa… Continue reading How to Create a Threat Model for Cloud Infrastructure Security
New global data from Checkmarx reveals that 92 percent of organizations struggle to implement security into DevOps — even though they say they want to. The heart of this issue is the common misconception that security slows things down, which lea… Continue reading 3 Questions to Ask When You’re Ready to Operationalize Your Security
Security budgets are rising, but are they helping with challenges caused by the security talent shortage? This post offers insights from our recent security budgeting survey and shares ideas on how to deal with the security talent shortage in SecOps. B… Continue reading How to Cope With the Security Talent Shortage in SecOps
At Threat Stack, we are all about keeping you secure as you scale your business and your infrastructure. That’s why we have added the ability to use AWS EC2 tags to organize and manage the deployment of Threat Stack IDS and FIM rules in your infr… Continue reading Introducing AWS EC2 Tag Integration
All types of organizations are embracing DevOps as a way to deliver work quickly and reliably. However, security sometimes falls by the wayside in favor of the desire to move fast. In fact, a recent Threat Stack survey shows that 52% of companies admit… Continue reading 3 SecOps Culture Hacks You Should Embrace Today
There’s a lot to think about when it comes to working with containers, Kubernetes, and secrets. You have to employ and communicate best practices around identity and access management in addition to choosing and implementing various tools. Whethe… Continue reading A Deep Dive Into Secrets Management
Recently I had the pleasure of joining hundreds of DevOps pros, IT managers, and security engineers at the first ever Container Security event at LEGOLAND. Attendees discussed the newest technologies, scariest threats, and biggest trends in the evolvin… Continue reading Container Security: Winter is Coming — Dress in Layers!