Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

10/30/2019
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Threat Stack Announces Python Support for Application Security Monitoring

Threat Stack Application Security Monitoring helps customers proactively reduce risk during application development and block attacks in real time.

BOSTON, Mass.  October 30, 2019 — Threat Stack, the leader in cloud security and compliance for infrastructure and applications, today announced Python support for Threat Stack Application Security Monitoring. Included with no additional cost as part of the Threat Stack Cloud Security Platform, Threat Stack Application Security Monitoring extends security observability throughout the entire software development life cycle.

With support for both Python and Node.js, Threat Stack Application Security Monitoring identifies risk throughout the entire software development life cycle for both third-party and native code while helping developers learn secure coding practices with built-in eLearning capabilities. After an application is put into production, Threat Stack Application Security Monitoring identifies and blocks attacks such as cross-site scripting (XSS) and SQL injection in real time. Unlike other runtime application security solutions, Threat Stack Application Security Monitoring puts the application in context with the rest of the stack, allowing users to navigate in a single click from application to the container or host where it is deployed for deeper forensics in the case of an attack.

When combining Threat Stack Application Security Monitoring with the rest of the Threat Stack Cloud Security Platform, customers can achieve full stack security observability with contextual insights pulled from the cloud management console, host, containers, orchestration, and applications presented in a single, unified platform. Full stack security observability provides Security and DevOps teams with the actionable intelligence needed to proactively reduce risk within their cloud environment and effectively respond to attacks in real time.

“Meeting the pace of innovation in modern application development is at the core of Threat Stack's mission," said Brian M. Ahern, CEO, Threat Stack. "The addition of Python language support to the Threat Stack Application Security Monitoring functionality within the Threat Stack Cloud Security Platform is the latest in our efforts to innovate and meet the growing needs of security and development professionals alike.”

Threat Stack Application Security Monitoring for Python, with support for Django and Flask is available today. To learn more about Threat Stack Application Security Monitoring, visit https://www.threatstack.com/application-security-monitoring.

About Threat Stack

Threat Stack is the leader in cloud security and compliance for infrastructure and applications, helping companies securely leverage the business benefits of the cloud with proactive risk identification and real-time threat detection across cloud workloads. The Threat Stack Cloud Security Platform® delivers full stack security observability across the cloud management console, host, container, orchestration, managed containers, and serverless layers. Threat Stack provides the flexibility to consume telemetry within existing security workflows — or manages it with you through the Threat Stack Cloud SecOps Program so you can respond to security incidents and improve your organization’s cloud security posture over time.

For more information or to schedule a free demo, visit threatstack.com.

Contact:

 

Tim Morin

fama PR for Threat Stack

(617) 986-5009

[email protected]

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC,  12/5/2019
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "This is the last time we hire Game of Thrones Security"
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-4428
PUBLISHED: 2019-12-09
IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
CVE-2019-4611
PUBLISHED: 2019-12-09
IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168519.
CVE-2019-4612
PUBLISHED: 2019-12-09
IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.
CVE-2019-4621
PUBLISHED: 2019-12-09
IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883.
CVE-2019-19230
PUBLISHED: 2019-12-09
An unsafe deserialization vulnerability exists in CA Release Automation (Nolio) 6.6 with the DataManagement component that can allow a remote attacker to execute arbitrary code.