Platform Security Automation

Meet "Platform-Security-as-a-Service".

 SecureStack's core functionality is its integration and automation.  You can pick and choose what security elements to use and SecureStack handles the backend integration.  Want to enable new rootkit protection?  The data just starts flowing into your Virtual SOC and your IDS is now monitoring the correct data points.  

Cloud Integration

SecureStack is built to be cloud native.  We tightly integrate with many AWS services including ECS, EC2, Elastisearch and many others.  Within those services we integrate and manage dozens of functions.
SecureStack can provision natively to AWS, Alibaba Cloud, Google GCP and VMWare and VCloud Air currently.

OS Hardening

SecureStack's first order of business is to make sure the foundation you are building your infrastructure on is secure.  Our adaptive technology can identify applications and potential areas of concern on existing servers and harden them dynamically.  SecureStack has built in system and application auditing and uses machine learning to identify new issues and move to mitigate them.

Secure Foundation = Certified SecureStack AMIs and Images

Are you using AMIs from the AWS Marketplace?  Do you know what's in those images and what vulnerabilities might be built in?  Who built your VMWare templates and what do they include?  Is every node a special snowflake?  Can your ops team rebuild a server easily if it becomes unreliable?

SecureStack provides certified images that are known good and fully secured.  Our technology distributes and builds hardened images for cloud and on-prem infrastructure that you can use to provision new resources from.  Your infrastructure will all be built from the same standardized foundation.  SecureStack automates this build creation and makes sure what you are building is safe and secure.   

Intrusion Detection and Prevention

SecureStack is built on the functionality of Intrusion Detection and Prevention Systems (IDS and IPS).  IDS is one of the core pieces of SecureStack and its integrated into everything we provide.  

IDS gives you:

  • File Integrity Monitoring - all files on your systems are monitored for any changes.  When changes occur, SecureStack lets you know and in the case of sensitive core files, it can even back out changes.
  • Log Analysis - application and system logs are monitored in realtime so that any suspicious activity is picked up as it happens. 

While IPS gives you:

  • Prevention - realtime automated mitigation of attacks and vulnerabilities
  • Shared Threat Data - when one of your nodes is attacked, all of your nodes are protected because SecureStack shares defense and mitigation data to all nodes in your infrastructure.  

Distributed Firewall

SecureStack uses a dynamic firewall technology that protects all of your nodes and shares that data amongst them.  So when one node protects itself against a realtime threat, all nodes are protected against that threat.  Additionally, the identity of the attacker is added to the firewall and that data is shared as well so that any other attacks coming from that source are mitigated.  This technology is MUCH more robust than static firewall rules or security groups.  

 Auditing Baked Right In

Auditing is one of the core functions of SecureStack.  It's baked right in.
SecureStack dynamically adjusts to the changing functions and roles of your systems.  Add a webserver or memcache?  SecureStack automatically audits new functionality as it's added.  New packages and functionality trigger audit control in realtime.  

So rest assured, SecureStack = Built in auditing for your applications and nodes, no matter where they live.   

Built In Anti-Virus, Malware and Rootkit Scanning

SecureStack uses industry best Anti-Virus and Anti-Malware tools to keep your systems safe and bug free.  Our technology uses both realtime and event related monitoring.  So you know that even if someone accidentally downloads the wrong thing you won't have to wait until the next scheduled scan to find out.

We also monitor for the latest rootkits and complex targetted attacks and back door access.

Global Threat List

Global threat actors IP and signature data is an important tool in repelling realtime attacks.  
We combine our own threat data with that of other trusted sources to give you the best blacklist in the industry.  

Get access to the realtime curated SecureStack Global Threat List with all SecureStack subscriptions. 

Realtime Threat Data

All SecureStack products get access to your realtime threat data.  Any of your individual nodes that are attacked share that theat data with all your other systems in realtime, wherever they are.  

Virtual SOC

We build our enterprise customers a Virtual SOC (security operations center) which enables all integrated tools to share their metrics and data.   Custom dashboards, modules and functionality are available for many of the integrated tools.  Geo location, most common attacks, IP's blocked,  port activity and much MUCH more are available. You can see what's happening to your infrastructure and how SecureStack is addressing it.

Ready to subscribe?