Cloud Security Platform™ Provides Automated CVE Check Against Every Package Installed
BOSTON– March 30, 2016 – Threat Stack, a leader in cloud security management and compliance, today announced advanced capabilities in the Threat Stack Cloud Security PlatformTM that provide customers with the most comprehensive vulnerability verification of any cloud security offering currently on the market. Threat Stack’s Cloud Security Platform automatically analyzes all customer packages against the more than 2 million Common Vulnerabilities and Exposures (CVE) listed in the National Vulnerability Database (NVD) run by the National Institute of Standards and Technology (NIST).
“Threat Stack wants to keep customers as current as possible on critical CVEs,” said Venkat Pothamsetty, vice president of products and customer advocacy, Threat Stack. “The Threat Stack Cloud Security Platform compares every single CVE published to every package installed, cross-checks against all corresponding vendor advisories on those packages and pin points to the image ID that the servers are instantiated from. The extensive and platform approach we take is resulting in the least false positive rate of CVEs in the industry, but also directly helping with workflows by pointing out what AMI needs to be updated.”
Security and operations teams operating in the cloud are challenged with assuring security, eliminating vulnerabilities and running as fast as possible. Operations teams, in particular, need to quickly identify packages with vulnerabilities before they’re rolled out into the infrastructure.
Understanding the growing importance of vulnerability management to cloud users, Threat Stack has assured that the cloud-native platform automatically examines package information on the workload, checking against the NVD. The cloud service also provides manual, custom updates; cross references with operating systems vendors; and proactively directs customers to which AMI needs to be updated.
The cloud native, fully-integrated Threat Stack Cloud Security Platform supports data across all environments, cloud security providers and containers, eliminating the need for fragmented solutions and reducing the complexity of security concerns facing IT leaders and CIOs. By providing vulnerability management at the workload layer, Threat Stack gives customers the confidence they’re managing CVEs efficiently, enabling them to focus on more high-priority security threats.
To learn more about Threat Stack’s vulnerability management capabilities, please visit the Threat Stack blog.
About Threat Stack
Threat Stack enables growth-driven companies to scale with confidence by identifying and verifying insider threats, external attacks and data loss in real-time. The only fully integrated, cloud-native continuous monitoring solution that gives customers instant visibility and automatically responds to changes in their environment, Threat Stack provides the coverage needed to run secure and compliant, in all environments, without sacrificing speed and efficiency. For more information, or to start a free trial, visit threatstack.com.