Threat Stack is now F5 Distributed Cloud App Infrastructure Protection (AIP). Start using Distributed Cloud AIP with your team today.
Threat Stack’s RVP of Engineering Chris Ford was a recent guest on a DataBreachToday.com webinar. This video and transcript focuses on the innovative ways ThreatML with supervised learning helps organizations keep their cloud-native information secure while maintaining SOC 2, HIPAA, ISO 27001, and PSI DSS compliance.
Compliance Section: “Machine Learning Done Right” – Video Transcript
Tom Field, DataBreachToday.com: Keeping our organization secure is top of mind, but compliance audits are a huge ordeal for us. Can this [ThreatML with supervised learning] help with compliance?
Chris Ford, Threat Stack / F5: It sure can. Generally, [compliance] is one of the key purchase drivers for a tool like Threat Stack. When running workloads in cloud-native infrastructure, particularly the public cloud, you are still bound to either industry regulations like PCI-DSS, or state and federal data privacy laws, [or] even cloud security standards, like SOC 2 Type 2.
There are some behaviors you always want to know about. This is particularly true when you’re demonstrating compliance to an auditor. It isn’t enough for a machine learning model to highlight a finding. There are some things that you have to have a record of detecting: Behaviors in your cloud infrastructure that are subject to things like PCI-DSS or SOC 2 Type 2. Rules could be very effective ways to flag those behaviors.
Where Threat Stack can assist with that process is in collecting data and generating reports that users can hand off to an auditor, that demonstrates or provides evidence that we are monitoring according to individual line-item requirements in those compliance frameworks. And so it’s a great, easy way to say: “Yep, here: We are monitoring according to something like PCI-DSS or SOC 2.”
Threat Stack is now F5 Distributed Cloud App Infrastructure Protection (AIP). Start using Distributed Cloud AIP with your team today.
About the Author
Related Blog Posts
F5 ADSP Partner Program streamlines adoption of F5 platform
The new F5 ADSP Partner Program creates a dynamic ecosystem that drives growth and success for our partners and customers.
Accelerate Kubernetes and AI workloads with F5 BIG-IP and AWS EKS
The F5 BIG-IP Next for Kubernetes software will soon be available in AWS Marketplace to accelerate managed Kubernetes performance on AWS EKS.
F5 NGINX Gateway Fabric is a certified solution for Red Hat OpenShift
F5 collaborates with Red Hat to deliver a solution that combines the high-performance app delivery of F5 NGINX with Red Hat OpenShift’s enterprise Kubernetes capabilities.
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.