Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

10/30/2019
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Threat Stack Announces Python Support for Application Security Monitoring

Threat Stack Application Security Monitoring helps customers proactively reduce risk during application development and block attacks in real time.

BOSTON, Mass.  October 30, 2019 — Threat Stack, the leader in cloud security and compliance for infrastructure and applications, today announced Python support for Threat Stack Application Security Monitoring. Included with no additional cost as part of the Threat Stack Cloud Security Platform, Threat Stack Application Security Monitoring extends security observability throughout the entire software development life cycle.

With support for both Python and Node.js, Threat Stack Application Security Monitoring identifies risk throughout the entire software development life cycle for both third-party and native code while helping developers learn secure coding practices with built-in eLearning capabilities. After an application is put into production, Threat Stack Application Security Monitoring identifies and blocks attacks such as cross-site scripting (XSS) and SQL injection in real time. Unlike other runtime application security solutions, Threat Stack Application Security Monitoring puts the application in context with the rest of the stack, allowing users to navigate in a single click from application to the container or host where it is deployed for deeper forensics in the case of an attack.

When combining Threat Stack Application Security Monitoring with the rest of the Threat Stack Cloud Security Platform, customers can achieve full stack security observability with contextual insights pulled from the cloud management console, host, containers, orchestration, and applications presented in a single, unified platform. Full stack security observability provides Security and DevOps teams with the actionable intelligence needed to proactively reduce risk within their cloud environment and effectively respond to attacks in real time.

“Meeting the pace of innovation in modern application development is at the core of Threat Stack's mission," said Brian M. Ahern, CEO, Threat Stack. "The addition of Python language support to the Threat Stack Application Security Monitoring functionality within the Threat Stack Cloud Security Platform is the latest in our efforts to innovate and meet the growing needs of security and development professionals alike.”

Threat Stack Application Security Monitoring for Python, with support for Django and Flask is available today. To learn more about Threat Stack Application Security Monitoring, visit https://www.threatstack.com/application-security-monitoring.

About Threat Stack

Threat Stack is the leader in cloud security and compliance for infrastructure and applications, helping companies securely leverage the business benefits of the cloud with proactive risk identification and real-time threat detection across cloud workloads. The Threat Stack Cloud Security Platform® delivers full stack security observability across the cloud management console, host, container, orchestration, managed containers, and serverless layers. Threat Stack provides the flexibility to consume telemetry within existing security workflows — or manages it with you through the Threat Stack Cloud SecOps Program so you can respond to security incidents and improve your organization’s cloud security posture over time.

For more information or to schedule a free demo, visit threatstack.com.

Contact:

 

Tim Morin

fama PR for Threat Stack

(617) 986-5009

[email protected]

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/9/2020
Introducing 'Secure Access Service Edge'
Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  7/3/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15001
PUBLISHED: 2020-07-09
An information leak was discovered on Yubico YubiKey 5 NFC devices 5.0.0 to 5.2.6 and 5.3.0 to 5.3.1. The OTP application allows a user to set optional access codes on OTP slots. This access code is intended to prevent unauthorized changes to OTP configurations. The access code is not checked when u...
CVE-2020-15092
PUBLISHED: 2020-07-09
In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Most T...
CVE-2020-15093
PUBLISHED: 2020-07-09
The tough library (Rust/crates.io) prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A ...
CVE-2020-15299
PUBLISHED: 2020-07-09
A reflected Cross-Site Scripting (XSS) Vulnerability in the KingComposer plugin through 2.9.4 for WordPress allows remote attackers to trick a victim into submitting an install_online_preset AJAX request containing base64-encoded JavaScript (in the kc-online-preset-data POST parameter) that is execu...
CVE-2020-4173
PUBLISHED: 2020-07-09
IBM Guardium Activity Insights 10.6 and 11.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure l...