Threat Stack Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Skyler Cain
Real User
Software Development Manager at Rent Dynamics
Sep 20 2019

What is most valuable?

The most valuable feature is the SecOps because they have our back and they help us with the reports. We jump on calls monthly to set goals and roadmaps internally for how… more»

How has it helped my organization?

One of the ways they've improved the way our organization functions is that when we first signed up with Threat Stack, we were just using password authentication. Managing… more»

What needs improvement?

They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm… more»

What's my experience with pricing, setup cost, and licensing?

What we're paying now is somewhere around $15 to $20 per agent per month, if I recall correctly. The other cost we have is SecOps.

If you previously used a different solution, which one did you use and why did you switch?

The SecOps program was the big seller to me, the fact that we would have their help and their support, especially at the time of an incident. That was the biggest deciding… more»

What other advice do I have?

I would advise, if you have the funding, that you have a security team. But if you're not going to dump resources into security, you're not going to have a full-on… more»

Which other solutions did I evaluate?

We were looking at several different security companies. We were talking to a company called Armor. We were using Datadog for some of it, for what they give you… more»
Real User
Director of Security at Eventbrite
Mar 25 2019

What is most valuable?

We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity. We want to make sure that there are no bad… more»

How has it helped my organization?

It provides the security team with visibility into parts of the organization that were otherwise difficult to see into. By installing the agent we can get visibility into… more»

What needs improvement?

The user interface can be a little bit clunky at times. My enjoyment of the user interface is not 100 percent. We maintain multiple sites, a pre-production site and a… more»

What's my experience with pricing, setup cost, and licensing?

I'm happy with the amount that we spend for the product that we get and the overall service that we get. It's not cheap, but I'm still happy with the spend.

If you previously used a different solution, which one did you use and why did you switch?

We used basic auditd. It's an open-source auditing framework for the Linux environment. The main reason for switching to Threat Stack is that, while Threat Stack… more»

What other advice do I have?

Understand the types of users and behaviors that you have in your environment and whether it's changing all the time or very static. If it's a highly static environment… more»

Which other solutions did I evaluate?

We didn't evaluate too many other options. I had been talking to the Threat Stack team for some time and had known about the product, its features and functionality. We… more»
Find out what your peers are saying about Threat Stack, Palo Alto Networks, CloudPassage and others in Cloud Workload Security. Updated: October 2019.
371,062 professionals have used our research since 2012.
Kevin Johnson
Real User
Lead Security SRE at InVision
Mar 25 2019

What is most valuable?

The endpoint security monitoring, the AWS security monitoring, ties all of these things together in a way that we can make sense of data that, before, wasn't available or… more»

How has it helped my organization?

The most important example of how it has improved our organization is that we had a security incident that I can't give you a lot of details around. But about two months… more»

What needs improvement?

The solution’s ability to consume alerts and data in third-party tools (via APIs and export into S3 buckets) is moderate. They have some work to do in that area. I'd like… more»

What's my experience with pricing, setup cost, and licensing?

It's too expensive, but I'm always going to say that. It is very expensive compared to some other products. The pricing is definitely high.

If you previously used a different solution, which one did you use and why did you switch?

We replaced CloudWatch for AWS configuration management with Threat Stack.

What other advice do I have?

Build very tight relationships with Threat Stack's sales, engineering, and onboarding teams. That is something that has saved us a good amount of pain. Also, spend a… more»

Which other solutions did I evaluate?

We did a demo with Twistlock but we never actually implemented it because we had a ton of problems with it. We used OSSEC for a long time, and Trend Micro on a previous… more»
Eric Cohen
Real User
Sr. Director Information and Security for PureCloud at Genesys Telecommunications Laboratories
Apr 01 2019

What is most valuable?

The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in… more»

How has it helped my organization?

We have about 210 microservices that make up our product. There are over 140 developers who have access to production, and they can troubleshoot but they're not allowed to… more»

What needs improvement?

The API - which has grown quite a bit, so we're still learning it and I can't say whether it still needs improvement - was an area that had been needing it. They have just… more»

What's my experience with pricing, setup cost, and licensing?

I honestly don't know what pricing would compare to, because there wasn't a whole lot on the market at the time. It came in cheaper than Trend Micro when we purchased it a… more»

If you previously used a different solution, which one did you use and why did you switch?

We used Trend Micro Deep Security. The issue was a problem in the agent that goes on the servers that was causing our servers to crash. It happened a couple of times and… more»

What other advice do I have?

The best way really to demo and implement is to deploy it with the standard rules that come with it and simply monitor the environment for about a month, just to get a… more»

Which other solutions did I evaluate?

We looked at was going on with open-source, with OSSEC, and doing it ourselves. That did not prove to be scalable.
Vincent Romney
Real User
Director of Information Security at Younique Products
Mar 25 2019

What is most valuable?

It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts. Anything that pops a Sev 1 comes directly to my email. Most recently we started getting those… more»

How has it helped my organization?

The capacity to respond to evidence requests from the SOX auditors has significantly improved because of this tool. It has also provided us with the ability to gain actionable insight into our cloud… more»

What needs improvement?

It certainly has a lot of capabilities and we're not using much of what it can do. That's something that, as we mature as an organization, we'll expand into. The one thing that we know they're working… more»

What's my experience with pricing, setup cost, and licensing?

Pricing seems to be in line with the market structure. It's fine. There's not a problem with it. It seems to fit well within the current pricing structures that are out there.

If you previously used a different solution, which one did you use and why did you switch?

I believe the only thing the company used before Threat Stack was the incumbent AWS logging: CloudWatch, CloudThreat, CloudTrail. The switch was made for the ability to have a single pane of glass to… more»

What other advice do I have?

One of things that was dropped here that I picked up and have been running with is that Threat Stack should be implemented and comprehensively applied to security for security's sake, as well as for… more»
Chris Murdock
Real User
Security Architect at a tech services company with 201-500 employees
Mar 25 2019

What is most valuable?

We enjoy the AWS Config audit within Threat Stack. This allows us to quickly score our AWS accounts against known, good configurations, then receive a letter grade which is easy to understand, as well… more»

How has it helped my organization?

Threat Stack allows us to quickly identify public AWS buckets across a large number of accounts, so we can validate what is within those public buckets and should be publicly accessible. That no… more»

What needs improvement?

I would like the following: * Further support of Windows endpoint agents or the introduction of support for Windows endpoint agents. * The ability to quickly templatize rule sets and share them.

What's my experience with pricing, setup cost, and licensing?

We find the licensing and pricing very easy to understand and a good value for the services provided. Purchase it as soon as you possibly can because the information it provides you is invaluable.

What other advice do I have?

The tuning process is easy to use given the preconfigured rule sets which are offered and the flexibility of the API to create more rule sets. It is very easy to silence alerts that you may deem… more»

Which other solutions did I evaluate?

We tried a number of internal AWS tools, but that was all. We went with Threat Stack because they provide the benchmarking against industry accepted known, good standards within the cloud. Their… more»
Narendra Rathi
Real User
Senior Software Security Analyst with 501-1,000 employees
Oct 15 2018

What is most valuable?

The configuration part was pretty easy, because if you're a agent, then you start getting the alert. That is the one thing. Then obviously, like any other SIEM tool, whether it is an install or a… more»

How has it helped my organization?

Threat Stack is pretty easy tool because their integration with AWS instances and everything, that's easy. So you build up a Threat Stack server, if you go to their AWS instances one at a time and… more»

What needs improvement?

Firstly, it shoots back a lot of alerts. Secondly, there are some drawbacks which we have found. Sometimes, they say that the servers is down and up, but that thing is not coming up. This happens… more»

What's my experience with pricing, setup cost, and licensing?

It is a cost-effective choice versus other solutions on the market.

What other advice do I have?

An important feature of this solution is monitoring. Specifically, container monitoring.

Which other solutions did I evaluate?

We considered McAfee and Trend Micro, but we chose this instead.

Articles

User Assessments By Topic About Threat Stack

Find out what your peers are saying about Threat Stack, Palo Alto Networks, CloudPassage and others in Cloud Workload Security. Updated: October 2019.
371,062 professionals have used our research since 2012.

Threat Stack Questions

What is Threat Stack?

Threat Stack is purpose-built to support organizations running in the cloud and the unique requirements of a cloud-based or hybrid infrastructure. In order to protect your sensitive data (the crown jewels) you need to know who is doing what, where and when – at all times. With continuous cloud security monitoring and up-to-the-second alerting, you’ll always have the complete visibility you need to detect anomalous activity and know what occurred immediately.

Threat Stack customers

StatusPage.io, Walkbase, Spanning, DNAnexus, Jobcase, Nextcapital, Smartling, Veracode, 6sense

BUYER'S GUIDE
Download our free Cloud Workload Security Report and find out what your peers are saying about Threat Stack, Palo Alto Networks, CloudPassage, and more!
Sign Up with Email