Threat Stack Announces Enhanced Compliance Functions to Accelerate Audits with New Reporting

Unique compliance classifiers and comprehensive reporting assist with compliance framework requirements helping organizations to accelerate the audit process

BOSTON — Threat Stack, the leader in cloud security and compliance for infrastructure and applications, today announced two new product capabilities to the Threat Stack Cloud Security Platform®, compliance classifiers and enhanced compliance reporting. New compliance classifiers detect events in real-time and map them to specific compliance framework requirements. Threat Stack’s new compliance reporting allows for ad hoc and scheduled reports against classified events collected and analyzed monthly. Both of these features are aimed to simplify compliance and accelerate audits for cloud-native organizations.  

Achieving and maintaining compliance with major frameworks such as SOC 2, HIPAA, PCI DSS, and ISO 27001 are important milestones for cloud-first organizations. Protecting customer data is integral to building customer trust, and many prospects often require it before purchasing services or solutions. Compliance classifiers allow Threat Stack customers to assign its industry-leading rules directly to any framework, supplying security leaders with a clear picture of their current compliance posture. Rules can also be set without any alerting, allowing customers to monitor priority alerts while still maintaining compliance. Rule labeling gives security leaders the control to make and implement changes required to satisfy the compliance certification.

Additionally, Threat Stack now equips customers with new compliance reporting. Monthly reports are delivered directly within the platform, collecting and centralizing the required information needed to pass security components for compliance audits i.e., the rules in place to protect certain data and the corresponding controls for implementing the rules. Compliance reports are aligned to specific compliance frameworks and are easily accessible so customers can respond to ad hoc audit requests.

“Traditional approaches to compliance no longer scale with today’s complex stack of diverse infrastructures and applications. The Threat Stack Cloud Security Platform diminishes the nuisances surrounding compliance and accelerates the audit process through advanced reporting,” said Chris Ford, VP of Product at Threat Stack. “As we continue on our path of innovation by maturing our platform and compliance capabilities, these key enrichments, compliance classifiers and comprehensive reporting, give our customers the added support needed to achieve their security and compliance goals.” 

Threat Stack supports the entire compliance lifecycle by helping organizations to observe, classify, demonstrate, and maintain compliance. Through Threat Stack’s Oversight℠ and Insight℠ services, organizations have 24/7/365 SOC and advisory support to monitor environments and ensure continuous security for compliance beyond initial audits. 

To learn more, visit: https://www.threatstack.com/use-cases/cloud-compliance

About F5

F5 is a multi-cloud application services and security company committed to bringing a better digital world to life.​​​​​​​ F5 partners with the world’s largest, most advanced organizations to secure and optimize every app and API anywhere—on premises, in the cloud, or at the edge. F5 enables organizations to provide exceptional, secure digital experiences for their customers and continuously stay ahead of threats. For more information, go to f5.com. (NASDAQ: FFIV)

You can also follow @F5 on Twitter or visit us on LinkedIn and Facebook for more information about F5, its partners, and technologies. F5 is a trademark, service mark, or tradename of F5, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners.

# # #

This press release may contain forward looking statements relating to future events or future financial performance that involve risks and uncertainties. Such statements can be identified by terminology such as "may," "will," "should," "expects," "plans," "anticipates," "believes," "estimates," "predicts," "potential," or "continue," or the negative of such terms or comparable terms. These statements are only predictions and actual results could differ materially from those anticipated in these statements based upon a number of factors including those identified in the company's filings with the SEC.