Threat Stack has extended its continuous security monitoring service to support customers using containers and Amazon Web Services (AWS).
The new product, called Threat Stack Pro provides customers with access to the Threat Stack API, new reporting features and is fully integrated with Docker and AWS CloudTrail. This is a big step forward for companies who are beginning to use containers for their production cloud and are looking to be on the leading edge of technology.
Containers make deploying apps easy
Containers are attractive to customers who want to make the most of highly virtualised environments. Unlike a VM the container has no OS just the application. It is also isolated from other containers so that data cannot leak or cyber attacks jump from container to container. All a customer has to do is deploy the container and the app is ready to use.
There is always the risk that a container containing malware might end up being distributed. We have seen this in app stores. Some apps went through several evolutions before the owners introduced malware. While there is no sign that this has happened yet with containers, customers do not want to take the risk nor do cloud providers who are looking at containers to allow them to distribute complex apps to customers in a simple way.
Each containers technology company has deployed their own security technology to stop their containers being attacked by hackers. As such, customers cannot easily see what might be happening with a container. Threat Stack is extending their current security tools to that customers can now add rules to their environment in order to be able to better manage containers. At the same time Threat Stack will capture all container activity into its own reporting and compliance engine.
Threat Stack Chairman and CEO Brian Ahern said: “It’s important to companies that their security products allow them to scale with confidence, achieve compliance and operate efficiently.
“Our Pro Edition moves customers closer to a single pane of glass with the ability to share Threat Stack’s powerful insights with the other tools and processes that keep them moving fast. AWS re:Invent is the perfect place to introduce this important new offering that illustrates our momentum.”
Not just about containers
This is not just a solution for container security and management. Threat Stack are also going to be monitoring AWS workloads. They will be watching for changes in user and file behaviour similar to the way IBM, HP and others are doing with much more expensive and complex security profiling tools.
Threat Stack is also providing customers with compliance support. It enables them to audit and report for HIPAA, PCI DSS, SOC 2, ISO 27001 and SOX 404. Like the security profiling getting tools to support these compliance standards can be very expensive, especially for smaller customers.
If customers do not want to do security but would prefer to outsource it, Threat Stack also offers a Managed Security Service called Threat Stack Oversight. This service takes care of the monitoring of the user environment along with any cloud environments that they also have and alerts the customer when an issue occurs.
Continuous security monitoring, security profiling and managed security services have always been the province of large vendors. Companies such as Threat Stack are beginning to disrupt this market in the same way other companies are disrupting storage, printing, accounting and other parts of business.
Threat Stack has built an impressive business so far and provides security for customer on SoftLayer, AWS, Red Hat, Rackspace, Microsoft Azure and Google Cloud Platform. Given their success, it will be interesting to see how long they retain their independence especially as the large cloud companies are keen to buy up any success story they can find in order to bolster their cloud credentials.