The Q3 2019 Threat Stack SOC report covers key trends identified by the Threat Stack Cloud SecOps Program including over-permissioned users, incorrect use of root, misuse of the /tmp directory, and an update on Shellbot.
Error - something went wrong!
Get Access to Threat Stack's Cloud Security PlatformStart Trial
Investigating Automated Activity
Securing Serverless Compute
This 451 Pathfinder Paper discusses the state of container and serverless security and provides recommendations on how to secure cloud workloads regardless of deployment.
Cloud Security Requirements Analysis Worksheet
Leveraging DevSecOps to Secure Cloud-native Applications
Leveraging DevSecOps to secure cloud-native applications - ESG Report 2019
Assessing Risk & Modeling Threats to Strengthen Cloud-Native Security
Learn how to secure cloud-native applications with a comprehensive and proactive approach
How OneLogin Saves DevOps Time, Money, and Resources with Threat Stack
Learn how OneLogin saves DevOps time, money, and resources with Threat Stack on AWS public cloud.
Cloud Security Observability: A Guide to Reducing Your Cloud Native Infrastructure Risk
Security Observability and outlines six principles that will help you create a roadmap for modernizing your monitoring and controls and proactively managing risk within modern cloud-native environment
Continuing Evolution of The Shellbot Malware
Threat Stack’s latest SOC report provides an in-depth analysis of this new variant of the ongoing, persistent Shellbot cyrptomining campaign.
Build-Time Security: Securing Your CI/CD Pipeline
Learn about the risks associated with build-servers and CI/CD processes across ephemeral infrastructures
Security Challenges in a Changing Cloud Infrastructure
Learn how changes to infrastructure affect security and introduce opportunities to work faster within existing DevOps systems.
Cloud Security Threat Briefing: Docker Cryptojacking Exploit
Cloud Security Threat Briefing: Inside an Actual Docker Cryptojacking Exploit
Forrester TEI Study of Threat Stack
The State of Security Budget in 2018
The State of Security Budgeting in 2018
The 2018 State of Security Budgeting Report found that budgets are increasing but many are concerned that won't be enough. This executive summary discusses the common challenges and key takeaways
The SecOps Playbook Part II: A Practitioner's Guide for Security and Operations Teams
The SecOps Playbook for Cloud Infrastructure, Part II gives Security and Ops practitioners tips on integrating security into DevOps — without sacrificing speed.
ESG Brief - Container Security
Cloud Security Threat Briefing
What Critical AWS Misconfigurations Look Like
Refocusing Security Operations in the Cloud Era
This report provides specific and actionable guidance for IT, DevOps, and security teams as they adapt to the increased adoption of public cloud and DevOps practices.
SecOps Playbook for Cloud Infrastructure