Threat Stack Reviews

Threat Stack's team makes me feel valued and is aways looking out for our needs. Threat Stack is more than just a Software as a Service; Service comes first and their team is always available to answer questions, provide advice and consultation on a broad range of security questions. Our account manager checks in with my team on a monthly basis to ensure that we're getting the best possible value from the service, see what Threat Stack can be doing better, and help me feel secure in the constantly changing world of DevSecOps. He has gone above and beyond to help us with external audits, requests from customers, ecurity policy writing and planning FedRAMP inititives. Threat Stack is open to suggestions and tracks every feature request I have on these calls; many have already been implemented, leading to increased ease of use and functionality for my team.

I often wish some of my RFEs were handled in a more timely manner, but I recognize that between the Covid-19 pandemic and Threat Stack's recent product release of ThreatML, their engineering team has had higher priorities. I am very optomictic about the new ThreatMl product, but in it's initial version I feel there's a few shortcomings which prevent it from being immedietly useful to my team. These are minor issues, in general Threat Stack is a great partner for our needs and these areas for improvement do not detract from my experience as a satisfied customer.

Threat Stack allows us to ensure that activity on our Enterprise servers is authorized, that software patches are up to date, and that server are compliant with our Security policies. Threat Stack enables us to be compliant with the heavy regulatory requirements within our field and allows us to undergo customer audits with cofidence. Threat Stack has allowed us to harden our servers, ensuring that all management connections are authorized and that no rogue agents have compromised our engineer's workstations or credentials.

All of our production applications are hosted with AWS and Threatstack is a cloud native platform designed from the ground up to monitor threats in cloud environments. This includes not only your compute instances, but also the cloud management platform itself. It was fairly easy to deploy and since it is a SaaS we don't have to manage it. With their Oversight service, they act as our SecOps team, monitoring our environment, analyzing events, and escalating to our organization when necessary.

1. I wish they had better reporting capabilities in the tool itself.

2. I would like to see better integration for Windows workloads.

3. For compliance purposes, it would be nice if there was an option to store all events for 1 year in the tool itself.

It provides us with 24x7x365 monitoring of activity within our cloud environments. The Threatstack SOC analyzes all alerts and only escalates to us when there is a real issue. It also helps tremendously with our PCI requirements.

We are running a security-mindful business with a small engineering team. Threat Stack has been an excellent addition to our layers of protection. We can all sleep better knowing that automated alerts are watching out for us.

The product comes with a vast number of alert options out of the box. It's a bit overwhelming at first. But after spending some time configuring things (with great support from Threat Stack!), we are now comfortable that only actionable alerts remain.

We are using Threat Stack to monitor our servers for intrusions and suspicious modifications. That's one less thing to worry about with a small engineering team that can focus on delivering customer-focused features instead.

Threat Stack provides automated and human monitoring of our AWS environment, eliminating the burden on our side.

UI and searching could be improved as they are a little rough around the edges; however Threat Stack is aware and actively working to improve the platform.

Threat Stack works well for environments that allow 3rd-party integration in your AWS accounts. The platform works by enabling CloudTrail and creating a role which Threat Stack will assume in your account. Your corporate policies need to allow this kind of configuration for Threat Stack to be a viable option.

Working in the healthcare industry, our company needs to actively monitor and watch for security threats and potential exploits. Threat Stack reduces this burden by allowing us to offload the active monitoring to their team. In addition their support and solutions teams make a genuine effort to review accounts and offer feedback for improvements. Threat Stack is one of the few 3rd-party platforms we use where I feel that every meeting is helpful.

The major upsides of using ThreatStack is increasing insight into any security issues that may exist and you may be unaware of, real time alerting and helping understaffed teams manage security. Monthly insight reports directly from our security team at ThreatStack really help breakdown our overall security posture and where we are at as a company. It has valuable information that we can take and break into individual work items and complete.

There aren't many downsides to using ThreatStack. We have been very fortunate to have them as a true security partner to help us protect our environment and business. We've had a few minor issues with a few version of their agents causing some networking issues on our servers. This issue was mainly due to us using an older version of their agent. They already had a fix in place before we experienced the problem.

If you are looking to increase the security of your cloud infrastructure and can't afford to staff an entire security team ThreatStack can help you! Starting security early in any SaaS based platform is critical and ThreatStack can help you to do that. Then as your business scales you can add necessary in-house security engineers to further partner with and utilize the ThreatStack software.

Intrusion detection, host vulnerability and monitoring as well as gaining insight from their security professionals. We have been able to identify issues and solutions to those issues by utilizing the ThreatStack product. Without it we may never have known we had vulnerabilities in our systems.

Threat Stack provides us with a top notch compliance and security solution, all at an high level of quality and scale.

In truth, I cannot think of any real dislikes. The Threat Stack team is consistently working to meet our requirements, while also anticipating new needs.

Take a close look at the complete offering of services, as I have not found any other companies that offer the package of security services we have at this cost point.

Through our partnership and collaboration with Threat Stack, we are able to better protect our more than 4000 customers and clients. Threat Stack's offerings also simplifies our ability to meet the demands of multiple compliance regulations. As well, the combination of tools and services gives us the ability to investigate and resolve issues at a magnitude that a team our size would not otherwise be able to accomplish.

Utilizing the service we have been able to incrementally tune and enhance insights using full stack observability. Although we don't always like what we find, we always strive to use the insights to improve our security posture one risk at a time. Gradually we are learning more about the operational behaviors and this more intimate understanding of how engineers get their job done helps us empathize with our colleagues and gradually raise the tide of security culture.

I do wish that we had coverage of network devices, embedded linux, other appliances, etc. Without this coverage we have a full stack view in our AWS environments, but not full environment view when we consider other clouds; which means I have to stitch together other tools, dashboards, and processes for a complete picture.

Consider your primary hyper-scale cloud, and development languages to ensure you get the observability you want. Then evaluate up-stream and down-stream processes that may be impacted (compute image creation, code deployment, SOC/NOC response). Have a plan to modify them to ensure you get the full value of the tooling and services. If you do these things; I think you'll be a very satisfied client.

We have identified several mis-configurations such as internet exposed ports for devices in private cloud, services running with excess permissions, and devices heading toward EOL. All these insights help us reinforce our understanding of the environment, improve cyber hygiene, and in some cases aren't immediately surfaced through other existing processes.

ThreatStack has made it incredibly easy for my team to quickly identify security vulnerabilities, keep track of any unwanted accesssion, and enforce compliance across our entire platform. Installing and configuring it on our machines is super painless to automate, it integrates easily with AWS and Slack, making sure that setup is easy and alerts are raised as soon as problems are found. Luckily, it has kept us proactive rather than reactive with respect to security, so we are able to keep our maintenance backlog low and work on further improving our infrastructure.

It would be nice to be able to distinguish which AWS account a server resides in from the Threatstack UI. Other than that minor gripe, it works pretty well for us.

ThreatStack has enabled us to move legacy software to AWS faster than we ever anticipated while keeping us SOC2 compliant along the way. It has tremendously helped us to modernize our applications and infrastructure without needing to go out and figure out what is or isn't updated, what has potential CVEs, and where those problems reside. My team could not do the type of migrations they are doing without it.

Threat Stack provides us with a categorization of alerts so that we know whether something is flagged as a CVE concern or a SOC2 concern. From there we can quickly identify what is the highest priority and address it appropriately.

Threat Stack is very thorough in its analysis, and can often alert on items that I might consider a "false positive" for a various reasons. It takes some time to mark those alerts appropriately initially, but once configured correctly it is a powerful platform.

Threat Stack allowed us to quickly install agents across all of our different types of servers in multiple cloud providers with ease. We then immediately started seeing actionable items come into the platform for us to address. If you're willing to put in the time to modify the rule sets (an easy process) then this is a great product for security & compliance.

We're identifying any potential vulnerabilities on both our servers and our application code, using their agent & micro-agent respectively. We're able to catch items in our Staging environments before they are published to Production.

Graphical interface and app test available and necessary for the protection of the main system.

Problem for application testing and application support.

With a graphical interface and adding specific functions, it is the best solution to my main system security and stability problems.