Threat Stack’s RVP of Engineering Chris Ford was a recent guest on a DataBreachToday.com webinar. This video and transcript focus on the innovative ways ThreatML with supervised learning helps organizations keep their cloud-native information secure while maintaining SOC 2, HIPAA, ISO 27001, and PCI DSS compliance.
Tom Field, DataBreachToday.com: Keeping our organization secure is top of mind, but compliance audits are a huge ordeal for us. Can this [ThreatML with supervised learning] help with compliance?
Chris Ford, Threat Stack / F5: It sure can. Generally, [compliance] is one of the key purchase drivers for a tool like Threat Stack. When running workloads in cloud-native infrastructure, particularly the public cloud, you are still bound to either industry regulations like PCI-DSS, or state and federal data privacy laws, [or] even cloud security standards, like SOC 2 Type 2.
There are some behaviors you always want to know about. This is particularly true when you’re demonstrating compliance to an auditor. It isn’t enough for a machine learning model to highlight a finding. There are some things that you have to have a record of detecting: Behaviors in your cloud infrastructure that are subject to things like PCI-DSS or SOC 2 Type 2. Rules could be very effective ways to flag those behaviors.
Where Threat Stack can assist with that process is in collecting data and generating reports that users can hand off to an auditor, that demonstrate or provide evidence that we are monitoring according to individual line-item requirements in those compliance frameworks. And so it’s a great, easy way to say: “Yep, here: We are monitoring according to something like PCI-DSS or SOC 2.”