Read how the Threat Stack DevSecOps team increased the stability and improved operational efficiency of the Threat Stack Data Platform by leveraging Apache Spark and Amazon EMR.
Need compliance help? This video explains how supervised machine learning / deep learning for cloud security gives high-efficacy alerts and intrusion detection for compliance audits while avoiding false negatives/positives. No alert fatigue for DevSecOps teams.
Vulnerabilities, exploitations, mitigation, and remediation are always disruptive, and it’s F5’s mission to do what we can to provide expertise and support for customers. Teams across F5 have been actively working on tools and guidance to help already overburdened application and security teams mitigate this significant industry threat.
Companies cite many reasons for why public cloud environments are appealing: scalability, a variety of consumption options that can yield cost savings, and improved agility, to name a few. However, whether an organization is migrating existing applications, building a scaled operation for new applications hosted in the public cloud, or both, the architectural approach taken can make or break the business case.
Microservices are the norm in today’s software deployment world. As applications are decomposed into different services, the number of applications that an organization needs to deploy increases. Often the number of services increases hundreds or thousands of times. If I have one hundred applications today, this often becomes thousands of microservices.
How Threat Stack's User Interface and alert context changes can reduce key security metrics like mean-time-to-know (MTTK)
The first in a two-part series around how Threat Stack approaches its UI design for cybersecurity use cases.
Combining the power of Threat Stack and Squadcast will help you quickly detect and respond to security and compliance risk across your cloud workloads, making an enormous contribution to drive down KPIs such as MTTK and MTTR.
It's an all too common scenario where you're not able to login to an e-commerce site without jumping through hoops (forgotten password, reauthentication, email verification—but which email?). This post explores strategies organizations are implementing to spare authentic human users from all this friction, and avoid the associated lost revenue.
Case studies how cloud-native security + compliance improves ROI: Save time plus increase revenue and productivity
In an exciting proof-of-concept (POC) project, F5 partnered with SoftBank Corp. to demonstrate the viability of Multi-access Edge Computing (MEC) in a satellite communications environment, utilizing F5 caching technology to implement MEC and broadcast content in bandwidth-limited communications conditions.
Every organization is now in the digital experiences business—meaning that good UX, high performance, zero downtime, secure transactions, and a high degree of personalization are no longer differentiators; they're expected.
Learn how Threat Stack’s new Fargate support can augment your existing AWS security controls.
In this post, Blaine Connaughton uses Threat Stack’s data portability feature to dive deeper into security analytics using Jupyter PySpark notebooks.
Threat Stack’s latest Threat Intelligence Report and live attack simulation show how Threat Stack Cloud SecOps Program analysts investigate the downstream actions of automation tools when conducting forensics that require user attribution.
Andrew Warren discusses best practices for writing automated system integration tests using containers in order to effectively gray box test microservices.
Threat Stack has introduced additional runtime attack detection to its Cloud Security Platform to further protect web application, microservice, and API workloads against path or directory traversal attacks, and remote code execution.
Drawing on lessons learned from its successful 2017 and 2018 Type 2 SOC 2 examinations, Threat Stack further optimized its people, processes, and tools to accommodate scope changes and successfully complete its 2019 Type 2 SOC 2 examination with zero exceptions.
Omada Health uses Threat Stack’s Cloud Security, Oversight, and Insight Services to provide data and systems security, and HIPAA compliance.
A good way to think about how digital transformation and DevOps practices are influencing app deployment is to picture an application factory. Instead of handcrafted policies and manual review processes, network and security experts need to define reusable policies for developers to deploy with their applications as part of an automated deployment pipeline.
For many enterprises, new working patterns need to coexist alongside applications, teams, and technologies that have taken root over time and are now firmly embedded into the fabric of IT delivery. Zach Westall takes a closer look at how F5 and BIG-IP help DevOps teams (and the groups they work with) deploy services throughout the application delivery stack in support of CI/CD practices.
TJ Maher examines 10 reasons why his team uses the ThoughtWorks Gauge cross-platform test automation framework to set up acceptance tests at Threat Stack.
In this post, Tim Buntel explains how Threat Stack’s Application Security Monitoring satisfies the two distinct needs of PCI DSS Requirement 6.6: 1) Reviewing applications to proactively find vulnerabilities (and then make sure they get corrected), and 2) Detecting and blocking attacks in real time.
Threat Stack’s Application Security Monitoring detects and blocks real-time attacks at runtime while also giving developers the context they need to build in security that can help prevent future attacks.
Threat Stack’s Application Security Monitoring embeds security in development processes with no negative impact on agility or speed of application development and deployment.
Venu Aravamudan, SVP & GM, F5 Cloud Services: F5 Cloud Services accelerate application delivery through a frictionless, intuitive multi-cloud platform. These SaaS solutions are optimized for cloud-native applications and microservices.
F5 rounds out its appliance portfolio with improved price/performance, along with enhanced security and compliance features.
content="The Ansible community requires everyone to be nice to each other, to be empathetic and to be kind. This is best evidenced by the Ansible Code of Conduct for events. One excerpt: “Ansible is dedicated to providing a harassment-free conference..."
Over the past year, F5 and Ansible have been working hard to bring network automation solutions to our customers.
In successive releases, Ansible has introduced more and more network automation functionality, including persistent connections,...
Tens of millions of people are out exploring the new world of Pokémon Go. It turns out that many of those users are not people at all, but automated agents, or bots. Game-playing bots are not a new phenomenon, but Pokémon Go offers some new use cases for bots.
Today we introduce and explain an attack tool that is becoming more prevalent among our customers: the Account Checker.