Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

10/30/2019
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Threat Stack Announces Python Support for Application Security Monitoring

Threat Stack Application Security Monitoring helps customers proactively reduce risk during application development and block attacks in real time.

BOSTON, Mass.  October 30, 2019 — Threat Stack, the leader in cloud security and compliance for infrastructure and applications, today announced Python support for Threat Stack Application Security Monitoring. Included with no additional cost as part of the Threat Stack Cloud Security Platform, Threat Stack Application Security Monitoring extends security observability throughout the entire software development life cycle.

With support for both Python and Node.js, Threat Stack Application Security Monitoring identifies risk throughout the entire software development life cycle for both third-party and native code while helping developers learn secure coding practices with built-in eLearning capabilities. After an application is put into production, Threat Stack Application Security Monitoring identifies and blocks attacks such as cross-site scripting (XSS) and SQL injection in real time. Unlike other runtime application security solutions, Threat Stack Application Security Monitoring puts the application in context with the rest of the stack, allowing users to navigate in a single click from application to the container or host where it is deployed for deeper forensics in the case of an attack.

When combining Threat Stack Application Security Monitoring with the rest of the Threat Stack Cloud Security Platform, customers can achieve full stack security observability with contextual insights pulled from the cloud management console, host, containers, orchestration, and applications presented in a single, unified platform. Full stack security observability provides Security and DevOps teams with the actionable intelligence needed to proactively reduce risk within their cloud environment and effectively respond to attacks in real time.

“Meeting the pace of innovation in modern application development is at the core of Threat Stack's mission," said Brian M. Ahern, CEO, Threat Stack. "The addition of Python language support to the Threat Stack Application Security Monitoring functionality within the Threat Stack Cloud Security Platform is the latest in our efforts to innovate and meet the growing needs of security and development professionals alike.”

Threat Stack Application Security Monitoring for Python, with support for Django and Flask is available today. To learn more about Threat Stack Application Security Monitoring, visit https://www.threatstack.com/application-security-monitoring.

About Threat Stack

Threat Stack is the leader in cloud security and compliance for infrastructure and applications, helping companies securely leverage the business benefits of the cloud with proactive risk identification and real-time threat detection across cloud workloads. The Threat Stack Cloud Security Platform® delivers full stack security observability across the cloud management console, host, container, orchestration, managed containers, and serverless layers. Threat Stack provides the flexibility to consume telemetry within existing security workflows — or manages it with you through the Threat Stack Cloud SecOps Program so you can respond to security incidents and improve your organization’s cloud security posture over time.

For more information or to schedule a free demo, visit threatstack.com.

Contact:

 

Tim Morin

fama PR for Threat Stack

(617) 986-5009

[email protected]

 

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC,  12/5/2019
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "This is the last time we hire Game of Thrones Security"
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19230
PUBLISHED: 2019-12-09
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.
CVE-2013-0342
PUBLISHED: 2019-12-09
The CreateID function in packet.py in pyrad before 2.1 uses sequential packet IDs, which makes it easier for remote attackers to spoof packets by predicting the next ID, a different vulnerability than CVE-2013-0294.
CVE-2014-0242
PUBLISHED: 2019-12-09
mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
CVE-2015-3424
PUBLISHED: 2019-12-09
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.
CVE-2015-3425
PUBLISHED: 2019-12-09
Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_content$_uig_formState parameter.