Threat Stack Reviews & Product Details

Threat Stack Overview

What is Threat Stack?

Threat Stack is the leader in cloud security & compliance for infrastructure and applications, helping companies securely leverage the business benefits of the cloud with proactive risk identification and real-time threat detection across cloud workloads. The Threat Stack Cloud Security Platform® helps organizations improve operational efficiency by bridging the gap between security, development, and operations. By delivering full stack security observability across the cloud management console, host, container, orchestration, managed containers, and serverless layers — Threat Stack helps organizations rapidly contextualize the numerous signals from cloud infrastructure and applications for proactive analytics and reactive security management. Threat Stack helps enable secure cloud-native software development and true DevSecOps by providing flexible consumption. Customers have the option of consuming the contextualized telemetry and findings within existing security workflows through APIs and data lake integrations, or leveraging the Threat Stack Cloud SecOps Program℠ where Threat Stack will help manage your DevSecOps program so you can spend more time responding to security incidents and improving your organization’s security posture over time. No matter how you are deployed — hybrid, multi-cloud — Threat Stack can help you proactively reduce the risk of a breach across your CI/CD pipeline, so you can securely conquer the cloud.

Threat Stack Details
Languages Supported
English
Product Description

Threat Stack provides continuous security monitoring for public, private, and hybrid cloud infrastructures protecting servers, and the data they access, from intrusion and data loss.


Seller Details
Seller
Threat Stack, Inc
Company Website
Year Founded
2012
HQ Location
Boston, MA
Twitter
@threatstack
3,864 Twitter followers
LinkedIn® Page
www.linkedin.com
104 employees on LinkedIn®

Threat Stack Reviews

Showing 33 Threat Stack reviews
Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Threat Stack provides automated and human monitoring of our AWS environment, eliminating the burden on our side. Review collected by and hosted on G2.com.

What do you dislike?

UI and searching could be improved as they are a little rough around the edges; however Threat Stack is aware and actively working to improve the platform.

Recommendations to others considering the product:

Threat Stack works well for environments that allow 3rd-party integration in your AWS accounts. The platform works by enabling CloudTrail and creating a role which Threat Stack will assume in your account. Your corporate policies need to allow this kind of configuration for Threat Stack to be a viable option.

What problems are you solving with the product? What benefits have you realized?

Working in the healthcare industry, our company needs to actively monitor and watch for security threats and potential exploits. Threat Stack reduces this burden by allowing us to offload the active monitoring to their team. In addition, their support and solutions teams make a genuine effort to review accounts and offer feedback for improvements. Threat Stack is one of the few 3rd-party platforms we use where I feel that every meeting is helpful.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

The color coordination! Easy for the eyes. Especially on how we can distinguish based off color of the type of Sev if either sev 1, sev 2, or sev 3 within alerts tab. Along with that the dashboard tab is very very easy to understand on what's going on.

What do you dislike?

It just took time to get used to using the UI. Within the events tab it was first a bit hard to notice the parameters since it is in light colors, the ones that I'm talking about are: servers, argument, pid, command, etc. Not sure if this functionality is already there, but when viewing an alert in group view and then I click "select all", is there a way to suppress all alerts? As of now looks like we'd have to do one by one. For the dashboard tab, there is a lot of white space. Maybe we can use more of that white space to add more helpful analytics.

Recommendations to others considering the product:

Look at tutorial videos before utilizing Threat Stack and also have proper basic fundamentals of networking. I would recommend others to use Threat Stack for infrastructure monitoring, vulnerability management, threat intelligence, and compliance reporting. This tool is a very helpful cloud security platform. Just like everything new to you, make sure to get some practice in and learn the fundamentals first. Don't rush in like me or it will be chaotic to look at first.

What problems are you solving with the product? What benefits have you realized?

I'm currently not utilizing Threat Stack that much. Other team members can better answer that! The time I did utilize Threat Stack was to determine which of our employees are logging into AWS without utilizing Multi Factor Authentication. Since this was an alert in Threat Stack as I believe a SEV 3, we were able to track down all the users and inform them to set up multi factor authentication for their account.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

One of the best parts of using Threatstack has been the customer care team. They've been very diligent listening to our feedback and addressing it. They continually monitor and tune our alerts, alleviating some of that burden.

Kubernetes support has been good; the agents are very easy to deploy in our clusters.

The default rulesets are pretty comprehensive, although they require extensive tuning to filter out the noise.

We've seen steady improvement of the product over time. Even as I was writing this review, I was navigating around the product and found that some issues we used to have had been resolved. One good example of this was with CVE handling. It used to be impossible to see which CVEs had a matching security notice. Now I see that you can sort by whether a vulnerability has a security notice, making it much easier to find actionable CVEs.

The monthly wrap-up report and video call we do has been helpful in surfacing misconfigured services and unusual user behavior.

What do you dislike?

The web interface can feel clunky at times. Some areas are less polished than others.

A LOT of tuning is required to eliminate noise. We still deal with a number of alerts that aren't actionable, but the Threatstack team continues to work on tuning them.

Being billed by agent hour adds up quickly and incentivizes monitoring the bare minimum number of servers. Also, having a certain allotment of agent hours each year and having to negotiate contract changes if we use more/less is a bit of a hassle. It'd be nicer to just have a flat-rate per agent and get billed for whatever we use each year.

Earlier on, the product had many deficiencies and bugs. Some components were broken, others were just not useful. This has improved over time though!

What problems are you solving with the product? What benefits have you realized?

The most basic problem we needed to solve was IDS. Threat Stack does this well, both in our legacy EC2 instances as well as our newer Kubernetes clusters. We looked at implementing our own solution with open source tools, but the sheer effort to tune and develop the ruleset was too much compared to a managed solution like Threat Stack.

Vulnerability detection is another problem we're solving with Threat Stack. It helps us fulfill obligations to patch critical CVEs within our contractual timelines.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

We're a longtime customer that engaged with ThreatStack when they were a very young company.

Threat Stack aggregates all of our Linux systems-level events and automatically classifies them according to severity (1, 2, and 3). Threat Stack comes with a default rule set that is good, and there is also a set of rules tuned to HIPAA that have helped quite a bit. Additionally, we have written our own rules to reduce the amount of noise from the system. It's easy to create rules. With those rules in place, we only spend about 10 minutes per week looking at the Threat Stack console (two engineers, 5 minutes each). We send Severity 1 Alerts to email and triage those immediately/ad hoc.

We also like the fact that it looks at our systems and rates them for vulnerabilities (CVEs) so that we can keep our systems properly patched.

More recently we've been intrigued by their new machine learning process to identify anomalies (though we're not using that, yet). We also did a test-drive of their service whereby their staff alert us based on their understanding of server behavior: We liked it but we're still just a little too small to justify the expense. We are not yet using their container monitoring, but we will eventually.

We have on occasion used their API, which has been helpful for some specialized data analysis.

What do you dislike?

One thing we found was that essentially we had to create our own methodology. Twice/week each of two engineers reviews all of our security tools (Threat Stack, AWS cloud monitoring, SumoLogic). We've long felt that ThreatStack should promote a methodology like that -- i.e., how to integrate it into your DevOps flow.

Threat Stack no longer has a Ruby client for the API, mostly because the Ruby "Hawk" authentication scheme is no longer maintained. If you do want to use the Threat Stack API from Ruby, you can use a client I developed (https://github.com/jgn/mini_hawk).

Recommendations to others considering the product:

I recommend that you come up with a methodology for reviewing the Threat Stack dashboard periodically -- and keep notes on what you're seeing. Additionally, learn how to make your own custom rules.

What problems are you solving with the product? What benefits have you realized?

The core problem is host-based intrusion detection, which is required for our HITRUST certification (among other things).

Software Development Manager
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

The major upsides of using ThreatStack are increasing insight into any security issues that may exist and you may be unaware of, real time alerting and helping understaffed teams manage security. Monthly insight reports directly from our security team at ThreatStack really help break down our overall security posture and where we are at as a company. It has valuable information that we can take and break into individual work items and complete.

What do you dislike?

There aren't many downsides to using ThreatStack. We have been very fortunate to have them as a true security partner to help us protect our environment and business. We've had a few minor issues with a few versions of their agents causing some networking issues on our servers. This issue was mainly due to us using an older version of their agent. They already had a fix in place before we experienced the problem.

Recommendations to others considering the product:

If you are looking to increase the security of your cloud infrastructure and can't afford to staff an entire security team, ThreatStack can help you! Starting security early in any SaaS-based platform is critical and ThreatStack can help you to do that. Then as your business scales you can add necessary in-house security engineers to further partner with and utilize the ThreatStack software.

What problems are you solving with the product? What benefits have you realized?

Intrusion detection, host vulnerability and monitoring as well as gaining insight from their security professionals. We have been able to identify issues and solutions to those issues by utilizing the ThreatStack product. Without it we may never have known we had vulnerabilities in our systems.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Utilizing the service we have been able to incrementally tune and enhance insights using full stack observability. Although we don't always like what we find, we always strive to use the insights to improve our security posture one risk at a time. Gradually we are learning more about the operational behaviors and this more intimate understanding of how engineers get their job done helps us empathize with our colleagues and gradually raise the tide of security culture.

What do you dislike?

I do wish that we had coverage of network devices, embedded Linux, other appliances, etc. Without this coverage we have a full stack view in our AWS environments, but not full environment view when we consider other clouds, which means I have to stitch together other tools, dashboards, and processes for a complete picture.

Recommendations to others considering the product:

Consider your primary hyper-scale cloud, and development languages to ensure you get the observability you want. Then evaluate up-stream and down-stream processes that may be impacted (compute image creation, code deployment, SOC/NOC response). Have a plan to modify them to ensure you get the full value of the tooling and services. If you do these things, I think you'll be a very satisfied client.

What problems are you solving with the product? What benefits have you realized?

We have identified several mis-configurations such as internet exposed ports for devices in private cloud, services running with excess permissions, and devices heading toward EOL. All these insights help us reinforce our understanding of the environment, improve cyber hygiene, and in some cases aren't immediately surfaced through other existing processes.

Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Threat Stack provides us with a categorization of alerts so that we know whether something is flagged as a CVE concern or a SOC2 concern. From there we can quickly identify what is the highest priority and address it appropriately.

What do you dislike?

Threat Stack is very thorough in its analysis, and can often alert on items that I might consider a "false positive" for various reasons. It takes some time to mark those alerts appropriately initially, but once configured correctly it is a powerful platform.

Recommendations to others considering the product:

Threat Stack allowed us to quickly install agents across all of our different types of servers in multiple cloud providers with ease. We then immediately started seeing actionable items come into the platform for us to address. If you're willing to put in the time to modify the rule sets (an easy process) then this is a great product for security & compliance.

What problems are you solving with the product? What benefits have you realized?

We're identifying any potential vulnerabilities on both our servers and our application code, using their agent & micro-agent respectively. We're able to catch items in our Staging environments before they are published to Production.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Threat Stack provides us with a top-notch compliance and security solution, all at a high level of quality and scale.

What do you dislike?

In truth, I cannot think of any real dislikes. The Threat Stack team is consistently working to meet our requirements, while also anticipating new needs.

Recommendations to others considering the product:

Take a close look at the complete offering of services, as I have not found any other companies that offer the package of security services we have at this cost point.

What problems are you solving with the product? What benefits have you realized?

Through our partnership and collaboration with Threat Stack, we are able to better protect our more than 4000 customers and clients. Threat Stack's offerings also simplify our ability to meet the demands of multiple compliance regulations. As well, the combination of tools and services gives us the ability to investigate and resolve issues at a magnitude that a team our size would not otherwise be able to accomplish.

CISO and VP of IT Infrastructure
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

The ability to monitor your cloud environment combined with per-host monitoring provides good overall coverage of potential threats and software vulnerabilities. While ThreatML (Machine Learning) is in a nascent state, I believe ThreatStack will continue to improve its use of ML over time. It is fairly easy to tune alerting to your environment, and Threatstack support is very helpful when it comes to working with rule sets and suppressions.

What do you dislike?

I would like to see better exportable reporting for Audits. Some alerts are not actionable or cannot be suppressed.

What problems are you solving with the product? What benefits have you realized?

We were able to use Threatstack to provide evidence to our Auditors and Assessors to successfully become SOC and HITRUST certified.

Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

The best part is that with less effort you can implement in any platform (cloud or on-premise), with the most supported Linux distributions. It supports Docker & Kubernetes also.

And also provides an easy interface for administration. It is currently integrated into the app-sec for latest technologies: Ruby, Python & also Node.js. Many more to go with app-sec monitoring for application security.

It has clear documentation for automation for ts agent implementation through Ansible or with a script with . which documentation is available in their GitHub.

I did like the quick support in all hurdle times.

What do you dislike?

Nothing more. Wanted to explore Threat Stack more in app-sec monitoring & integrate all the languages which are most latest technologies.

Recommendations to others considering the product:

Best product with lots of features available & upcoming. Best suits for current industries.

What problems are you solving with the product? What benefits have you realized?

This was helpful for our SOC audit on AWS cloud & on-premises also currently using it for our config audits & security monitoring.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

All of our production applications are hosted with AWS and Threatstack is a cloud native platform designed from the ground up to monitor threats in cloud environments. This includes not only your compute instances, but also the cloud management platform itself. It was fairly easy to deploy and since it is a SaaS we don't have to manage it. With their Oversight service, they act as our SecOps team, monitoring our environment, analyzing events, and escalating to our organization when necessary.

What do you dislike?

1. I wish they had better reporting capabilities in the tool itself.

2. I would like to see better integration for Windows workloads.

3. For compliance purposes, it would be nice if there was an option to store all events for 1 year in the tool itself.

What problems are you solving with the product? What benefits have you realized?

It provides us with 24x7x365 monitoring of activity within our cloud environments. The Threatstack SOC analyzes all alerts and only escalates to us when there is a real issue. It also helps tremendously with our PCI requirements.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

The product has been excellent and provides us with great insight to the vulnerabilities, exploits and misconfigurations within our environment. The default rule sets have worked well out of the box both for our AWS environment and our Kubernetes environment.

One of the top aspects for our team has been our interactions with our customer support team. They provide actionable items each meeting and clearly have a strong grasp of our environment.

What do you dislike?

The UI can feel a little clunky at times.

It would be nice if server vulnerabilities found would link to remediation steps within the console without having to go look through the NIST site, possibly even tie directly into a JIRA ticket.

There are some other quality of life improvements but for its core functionality we are very happy with the product as a team.

What problems are you solving with the product? What benefits have you realized?

Real time monitoring of our production systems. Very helpful for our auditing processes and ensuring we can complete the necessary actions for our HITRUST certification.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Threat Stack's Security Oversight, Insight, and Customer Support teams are top-tier. They are responsive, engaging, and coordinated on all fronts. I sleep with confidence that the data reported from our deployed agents (as well as our audit logs in AWS) are being effectively monitored by capable experts around the clock. Having an external team we can depend on for the triaging and tuning of alerts is particularly valuable for a small team like the one I am a part of.

What do you dislike?

The Threat Stack platform lacks some "quality-of-life" features that I would like to see. More customizable Slack integration options and better workflows for acknowledging/dismissing alerts are at the top of my list.

What problems are you solving with the product? What benefits have you realized?

Real-time security monitoring of our Production AWS systems - both at the account and instance levels. Threat Stack has helped us strengthen our security posture and provides us with a strong foundation as we continue to invest in the protection of our platforms and users.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

ThreatStack has made it incredibly easy for my team to quickly identify security vulnerabilities, keep track of any unwanted accession, and enforce compliance across our entire platform. Installing and configuring it on our machines is super painless to automate, it integrates easily with AWS and Slack, making sure that setup is easy and alerts are raised as soon as problems are found. Luckily, it has kept us proactive rather than reactive with respect to security, so we are able to keep our maintenance backlog low and work on further improving our infrastructure.

What do you dislike?

It would be nice to be able to distinguish which AWS account a server resides in from the Threatstack UI. Other than that minor gripe, it works pretty well for us.

What problems are you solving with the product? What benefits have you realized?

ThreatStack has enabled us to move legacy software to AWS faster than we ever anticipated while keeping us SOC2 compliant along the way. It has tremendously helped us to modernize our applications and infrastructure without needing to go out and figure out what is or isn't updated, what has potential CVEs, and where those problems reside. My team could not do the type of migrations they are doing without it.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Keeping on top of CVEs is fantastic, there's more open CVEs here than the Linux distro recognizes as needing to be patched. This is a very real picture of exactly how things are. As we've gone along in using Threatstack we're now moving to AWS and having Threatstack deployed there from the very beginning has been useful.

The rulesets are also incredibly useful and the ability to configure custom rules and exceptions is a strength.

What do you dislike?

The complexity around hosts and ports and appropriately configuring everything to accept some things but not others. Custom rules are very powerful but holy cow it's tedious and feels as though one should be taking a fine-grained approach but being a Threat Stack configuration expert is not a major part of the job.

Recommendations to others considering the product:

This is a solution that is necessary for any SaaS company, but be careful about custom rules!

What problems are you solving with the product? What benefits have you realized?

Our company is about to enter into SOC2 auditing. Prior to having Threatstack we were taking the approach of being reactive to security problems and doing our best to stay on top of things we were aware of. Now that we have Threatstack, we are no longer being as reactive and have begun to be proactive.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Setup was very easy (just install an agent on all the instances, and connect CloudTrail, and you start getting a pretty good idea of what is going on in your system). The default alerts are easy to set up, and give you a good starting point.

What do you dislike?

You will definitely need to tweak the alerts out of the box, or you will get too many false-positives. The process for this is not too cumbersome, though.

What problems are you solving with the product? What benefits have you realized?

We get insight into kernel activity that is unexpected, as well as vulnerable OS packages that need to be addressed. The AWS integration also alerts on things that are not configured properly, though this functionality is duplicated by many other tools.

Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2 on behalf of the seller
What do you like best?

I like that we have the option to range between full control and hands-off. If we wanted to step back and let them handle all the monitoring and interpretation, that's an option. If we wanted to do it all and not have any suggestions, that's also fine. We're in between the ranges, but as things get busier I know that I can let them handle the day to day monitoring and will alert me if there's really suspicious stuff.

What do you dislike?

Some of the alerts were noisy before they suggested suppression rules. It's easy to get lost in all the features, and I bet we're still not making full use of everything. They've been good at reducing the amount of effort it takes though. I can see that not having an idea what to do could be confusing.

Recommendations to others considering the product:

Make heavy use of the integrations and customer success team! Let them do the heavy lifting of suppression.

What problems are you solving with the product? What benefits have you realized?

It's nice to have that SIEM and show our clients that we're taking it seriously. It's great to know that our overworked selves are not the only ones watching what's happening. If something happens we will know about it. We're also starting to use the application security piece, so we'll see how that goes too.

Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2 on behalf of the seller
What do you like best?

I like how simple it is to get up and running. It's great to set up and not have to worry about a complicated configuration process. There is a base set of rules already created and it is fairly simple to implement new rules for instance and CloudTrail monitoring.

What do you dislike?

Lack of feature set and log retention. Threatstack is great at having baseline checks and monitors, but lacks some of the more advanced features. While they claim to have intelligence, there is no way for a user of the platform to view any types of intelligence. Rule creation is a bit tricky when you get into suppressions, there is no way to test a rule in combination with suppressions, you have to test each piece individually and hope it works all together. For the price point, Threatstack only keeps 3 days of logs which is completely useless and you must have a SIEM to forward the logs to in order to keep any sort of record of what is happening on your servers.

What problems are you solving with the product? What benefits have you realized?

Threatstack solves the problem of having AV on our servers and monitoring of our Cloudtrail events. It also gives us the peace of mind that we have a reliable tool in our arsenal to help monitor our infrastructure.

Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Threat Stack's 24/7 SOC, monthly vulnerability and alert analysis, tuning to reduce noise, compliance mapping, and responsive support provide a very cost effective package of security monitoring services.

What do you dislike?

I have no complaints after a year of use.

What problems are you solving with the product? What benefits have you realized?

We wanted 24/7 eyes on our systems, advice on improving our security profile, filtering of vulnerability and alerts to provide perspective, and guidance for constant improvement.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

It's very easy to deploy. We had difficulties finding an agent that is low overhead and can run in containers and ThreatStack agent runs on our Container-based OS perfectly and provides excellent visibility into Audit events in the system. The rules are categorized into areas to help with Compliance (SOC2, ISO27k, HIPAA, PCI) and there's Configuration Audit option available. ThreatStack SOC oversight helps to filter out the noise and escalate actionable events.

What do you dislike?

It takes time to tweak the alert rules and suppress noisy false positives.

What problems are you solving with the product? What benefits have you realized?

Compliance and monitoring.

Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

The way we can write rules and suppressions. Fits to custom needs.

The default rule set helps in customizing them.

What do you dislike?

Could do better with UI to improve the usability of the tool, especially with investigation of alerts and events.

Recommendations to others considering the product:

Definitely easy to set up and use if you are administering it. It can get a little tricky during investigations of events initially, but once you get used to it, you should be fine.

What problems are you solving with the product? What benefits have you realized?

We are using ThreatStack as a host-based IDS solution for our compliance environment (PCI).

We can tune the monitoring rules as per our needs and grant exceptions.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Account managers are highly responsive and security analysts will provide comprehensive analysis of security alerts on request. The Oversight program does remove significant burden from our ops team.

What do you dislike?

Actually configuring alerts, suppressions and viewing logs on your own is confusing and not very developer friendly. This issue is avoided if you sign up for one of their managed plans.

Recommendations to others considering the product:

Be prepared to use their managed plan. Managing things yourself is hard because they have poor documentation and the interface is not developer friendly or intuitive.

What problems are you solving with the product? What benefits have you realized?

Allowed our company to continue scaling without investing in a security team at this time. Helps us meet compliance requirements.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Having an actual person looking into our issues and reaching out to us (normally at the same time we are already looking into it).

What do you dislike?

Have had some issues in the past with their older agent causing issues on our Linux boxes (resolved now).

What problems are you solving with the product? What benefits have you realized?

Monitoring our AWS infrastructure and security on EC2 instances.

The benefit is not hiring a full-time person to do that job.

IT Manager
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Ease of deployment and amount/quality of data being returned by TS agent.

What do you dislike?

Dashboards are a weak point; while it collects a lot of data, it is not easy to visualize that data.

Recommendations to others considering the product:

Good product, request a demo to ensure reporting and dashboarding meet your needs.

What problems are you solving with the product? What benefits have you realized?

IDS - we use TS to gain insight and visibility into our system and systems network elements.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Threat Stack monitors our security 24/7 freeing our staff to focus on their core competencies.

What do you dislike?

Threat Stack's vulnerability information relies on software version numbers. This provides an inaccurate assessment for most Linux systems.

What problems are you solving with the product? What benefits have you realized?

Monitoring our security logs in AWS, providing system-level security monitoring, monitoring our AWS configuration for security issues. Threat Stack puts all the info in one place and makes it much easier to interpret the massive stream of data. The customizable rules also allow us to create event alerts for just about anything that happens in our cloud infrastructure.
