Issue link:

Contents of this Issue


Page 0 of 2

As more companies build out their presence in the cloud, many are working to either fine tune their compliance alignment or to become compliant for the first me as a means of enabling stronger security across the organiza on. To help with this process, hundreds of companies have chosen Threat Stack to strengthen their compliance and security postures. Threat Stack does this, in part, by giving operators greater awareness of what is going on in their infrastructure and aler ng them immediately through fric onless integra on into exis ng workflows when compliance standards or internal policies have been violated. I N F O S H E E T Compliance Awareness With Threat Stack Incident Response Workflow With Threat Stack It's important to dis nguish between an incident and a breach to understand how Threat Stack helps. A security incident is a general term that can refer to a number of security problems like impersona on, website defacement, DDoS, and more. A breach, on the other hand, is a type of incident that results in the release of sensi ve or confiden al data, which would obviously be a massive blow for any company — especially one aligned with HIPAA, PCI, or other compliance standards. To help prevent breaches, Threat Stack integrates directly into exis ng incident response workflows. By combining mul ple detec on and assessment techniques, including host-based intrusion detec on, file integrity monitoring, vulnerability assessment, CloudTrail monitoring, and configura on audi ng, Threat Stack helps teams detect early signs of a security incident and systema cally reduces risky behavior. Threat Stack correlates deep contextual informa on with each alert to help teams quickly determine whether behavior is malicious or not so they can respond appropriately. Threat Stack also offers rulesets aligned with HIPAA, SOC 2, PCI, and others to help organiza ons move towards compliance and to con nuously maintain it over me. To assure customers that their data was secure and protected, Kevin Eberman, Director of Opera ons at MineralTree, needed to organize and monitor his environment to pass a PCI audit. His team set up mul ple new technologies, among which was host intrusion detec on and file integrity monitoring. MineralTree chose Threat Stack's intrusion detec on pla orm because its suite of security features significantly mi gates risk and provides deep security visibility into cloud environments. Eberman and his team con nue to be successful and efficient with their cloud security strategy because "Threat Stack enabled us to meet several PCI requirements simultaneously with one solu on." Since passing its PCI audit, MineralTree has been offering a valuable and secure service to their financial clients. C U S T O M E R S P O T L I G H T Threat Stack Successfully Completes Type 2 SOC 2 Examina on

Articles in this issue

Links on this page

view archives of Datasheets - Compliance-Awareness-with-Threat-Stack-Infosheet