Case Studies

MineralTree Case Study

Issue link: https://resources.threatstack.com/i/871274

Contents of this Issue

Navigation

Page 1 of 1

The Solution: Threat Stack MineralTree chose Threat Stack's Cloud Security Pla orm ® because its suite of security features significantly mi gates risk and provides deep security visibility into cloud environments. These features include real- me monitoring of users and system ac vity via Threat Stack's Host Intrusion Detec on (HIDS), as well as ongoing Vulnerability Assessments that allow MineralTree to update their systems to the most recent, and least vulnerable packages. Addi onally, File Integrity Monitoring (FIM) enables MineralTree to ensure the safety of sensi ve data by aler ng whenever sensi ve files are accessed. To obtain the highest level of PCI cer fica on, MineralTree engaged a third-party Qualified Security Assessor (QSA) to audit their environment. The audit was a rigorous assessment that required the documenta on of all relevant policies and procedures as well as technical details and evidence. Addi onally Eberman was required to demonstrate that the Threat Stack agent does not manipulate or collect any sensi ve data, and cannot perform any command and control. The Result Threat Stack greatly simplified the process of achieving PCI compliance for MineralTree. Eberman and his team con nue to be successful and efficient with their cloud security strategy because "Threat Stack enabled us to meet several PCI requirements simultaneously with one solu on. Specifically, Threat Stack provides Host Intrusion Detec on, Network Intrusion Detec on, system access monitoring, system user ac vity logging, file integrity monitoring, and the logging and archiving of all related events in the event that a breach occurs and a forensic analysis is required. This includes the ability to maintain archived logs in a manner that they cannot be tampered with." Eberman went on to state that "Threat Stack con nues to innovate and improve their pla orm. Over me it has become easier to use, and they have added useful features, like a daily report of installed applica ons with newly iden fied security issues that need to be mi gated." Since passing its PCI audit, MineralTree has been offering a valuable and secure service for their many financial clients. 55 Summer Street, Boston, MA 02110 1+ 617.337.4270 threatstack.com Threat Stack enables growth-driven companies to scale securely and meet complex cloud security needs by iden fying and verifying insider threats, external a acks, and data loss in real me. Purpose-built for today's infrastructure, the Threat Stack Cloud Security Pla orm ® and Cloud SecOps Program℠ combine con nuous security monitoring and risk assessment to empower security and opera ons teams to be er manage risk and compliance across their en re infrastructure, including cloud, hybrid-cloud, mul -cloud, and containerized environments. For more informa on or to start a free trial, visit threatstack.com. COPYRIGHT © 2018 THREAT STACK, INC. / TS-CASE-MINERALTREE-2018-3 "Threat Stack enabled us to meet several PCI requirements simultaneously with one solution." KEVIN EBERMAN, Director of Operations, MineralTree

Articles in this issue

Links on this page

view archives of Case Studies - MineralTree Case Study