This document summarizes a presentation about Threat Stack, a cloud security platform. It discusses Threat Stack's integrated security and operations capabilities for scaling securely in AWS. The presentation includes customer stories from AdRoll and HelloSign, which discuss how they use Threat Stack for continuous monitoring, visibility, compliance, and enforcing security policies at scale as their infrastructure and businesses grow dynamically. The document encourages attendees to start securing their AWS infrastructure with a Threat Stack trial.
2. • Security for Software Defined World
• Threat Stack Cloud Security Platform
• DevOps and Security Worlds
• Threat Stack Customer Success Stories
Agenda
3. Threat Stack Team
Vikram Varakantam
Director, Products and Customer
Development
Background:
Vikram Varakantam is Director,
Products and Customer Development
at Threat Stack
Vikram is a long time veteran of
security products domain with Senior
Product Management roles managing
IPS, Fireall and Security Services
products at Cisco Systems Inc.
5. Security for Software Defined World ?
Devops and Sec image, courtesy of @petecheslock #devopsdays
6. Worlds of DevOps and Security
• Culture, Collaboration
• Continuous Operations at Scale
• Repeatability, Scale and Automation,
API
• Well Known Orchestrated Baselines
• KISS Principles
• Tight Feedback Loops
• Continuous Risk Management
• Information sharing on as needed
basis
• Solutions for specific domain
functions
• Compliance and Reporting
• Industry Benchmarks and
Compliance Policies (CIS, PCI, NIST)
DevOps
Philosophy & Tooling
Feedback & Hygiene
Traditional Security
8. CLOUD SECURITY PLATFORM FOR START-UPS, HIGH GROWTH & ENTERPRISE
Modern Infrastructure Requires Modern Security.
Vulnerability
Management
Threat Intelligence Compliance
Reporting
Infrastructure
Monitoring
Workload
Insights
Cloud Native. Platform Independent. Fully Integrated.
9. INCREASE VELOCITY OF YOUR SECURITY OPERATIONS
Time to detection: Go from 4 hrs to 4 minutes
GAIN COMPLETE VISIBILITY INTO BEHAVIOR
Know Who, What, Where, When across your entire
environment
CONTINUOUS SECURITY MONITORING & VISIBILITY, IN ONE PLACE
No need to chase down fragmented data points from
multiple tools
ASSURE COMPLIANCE FOR YOU & YOUR CUSTOMERS
Automatically implement effective controls, policies
& procedures to protect data and meet compliance
Why Threat Stack?
11. Threat Stack Customer Story:
Ilya Kalinin
Senior DevOps Engineer
Background:
IIya Kalinin is a Senior DevOps Engineer at
AdRoll, #1 retargeting Adtech platform.
IIya is a leading DevOps practitioner
involved in large scale Infrastructure
Management automation projects
leveraging tools as Jenkins, Docker,
Ansible, Terraform, AWS.
12. AdRoll Infrastructure Overview
• Highly Elastic Infrastructure with 1000-1500 Instances
• Distributed Development teams with multiple configuration management tools
Terraform, Ansible, Puppet...
• System Components are treated as Separate Services from a operations point
of view
• Developers need continuous access to troubleshoot, support their own
services in production
• SRE team wants to retain control and have the audit trail but doesn't want to be
a bottleneck to the engineering team’s velocity
• Every service is using an AMI pre-approved by SRE team to baseline
deployments
13. Key Use Cases for Cloud Security
Get Visibility
Trust But
Verify
Enforce
Rules-based
Behavior
• Developers need continuous access to
troubleshoot, support their own services in
production
• SRE team wants to retain control and have
the audit trail but doesn't want to be a
bottleneck to the engineering team’s velocity
• Integrating Security across multiple Services
across the AdRoll Infrastructure
• Enforcing Security Policy at Scale
• Integrating Security into Existing Engineering
Practices without any disruption
14. Threat Stack Workflow
• Threat Stack Agent Integrated into AMI images pre-approved by SRE with
various deployment automation tools for coverage across all Services.
• Security Monitoring on per service basis using custom ruleset to baseline
each service behaviors.
• Initial challenges in adopting Threat Stack is deriving per service
baselines and an initial rule set.
• Daily and weekly alert review, create suppression rules for new or
changed baselines creation advice: better let some noise come through
than miss something important.
15. Ilya’s Cloud Security Advice…
Be Patient
Cloud Security is important and important things take
time to get right.
Build vs. Buy
Do the calculations – you might be surprised by the
cost of building…
Ask for Help
Threat Stack cloud security experts are always
available to help; you don’t have to know all of the
answers
16. Threat Stack Customer Story:
Anshu Gupta
Director of Information Security
Background:
Anshu Gupta is the Director of
Information Security at HelloSign, a
leading eSignature company.
Anshu is a long time security
practitioner, having served as a trusted
advisor on information security issues
to Fortune 500 companies at Ernst &
Young and KPMG and recently in
senior security management roles at
Esurance and Coupa Software.
17. Infrastructure Overview
• Highly orchestrated Dynamic Infrastructure with sophisticated Operations
and Security Teams
• Infrastructure, tools and operational models designed to support rapid
company growth
• Tight collaboration between DevOps and Security teams to manage Risk
and Compliance Objectives
18. Key Use Cases for Cloud Security
Compliance
Derivatives
• Security as an accelerator for Business
growth in partnership with Developers and
Operations team
• Security tools designed for DevOps workflow
and scale to known mature Security
Functions (File Integrity Monitoring,
Vulnerability Management)
• Enforcing Security Policy at Scale as
business grows
• Support Compliance objectives with least
overhead
• Augment Security mindshare through
engagement model.
Integrated
Security
Multiple Security
Functions
19. HelloSign : Why Threat Stack?
• Cloud native platform preferred by our DevOps team
• Threat Stack Team - engineering company with a solid
product
• Exceptional support with service centric mindset
• Greater visibility into our environment using a single tool
20. Anshu’s Cloud Security Advice…
Modern Approach
Cloud Security requires a new approach that fits well
with the dynamic world
Security and Compliance
Combine functions – you might be surprised how both
these worlds are so closer in the new world
Demand more..
Threat Stack Cloud Security as an extended resource
to augment Security mindshare.
22. Next Steps and Trial Offer
Start continuously monitoring your AWS
environment today with Threat Stack
We can help with every step along your cloud security journey!
http://get.threatstack.com/aws-security-week
AWS Security Week Workshop
Integrated Security & O
Pete Cheslock
Head of Ops & Support
@petecheslock
Tim Armstrong
Product Marketing Manager
@_timarmstrong