Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

10/30/2019
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Threat Stack Announces Python Support for Application Security Monitoring

Threat Stack Application Security Monitoring helps customers proactively reduce risk during application development and block attacks in real time.

BOSTON, Mass.  October 30, 2019 — Threat Stack, the leader in cloud security and compliance for infrastructure and applications, today announced Python support for Threat Stack Application Security Monitoring. Included with no additional cost as part of the Threat Stack Cloud Security Platform, Threat Stack Application Security Monitoring extends security observability throughout the entire software development life cycle.

With support for both Python and Node.js, Threat Stack Application Security Monitoring identifies risk throughout the entire software development life cycle for both third-party and native code while helping developers learn secure coding practices with built-in eLearning capabilities. After an application is put into production, Threat Stack Application Security Monitoring identifies and blocks attacks such as cross-site scripting (XSS) and SQL injection in real time. Unlike other runtime application security solutions, Threat Stack Application Security Monitoring puts the application in context with the rest of the stack, allowing users to navigate in a single click from application to the container or host where it is deployed for deeper forensics in the case of an attack.

When combining Threat Stack Application Security Monitoring with the rest of the Threat Stack Cloud Security Platform, customers can achieve full stack security observability with contextual insights pulled from the cloud management console, host, containers, orchestration, and applications presented in a single, unified platform. Full stack security observability provides Security and DevOps teams with the actionable intelligence needed to proactively reduce risk within their cloud environment and effectively respond to attacks in real time.

“Meeting the pace of innovation in modern application development is at the core of Threat Stack's mission," said Brian M. Ahern, CEO, Threat Stack. "The addition of Python language support to the Threat Stack Application Security Monitoring functionality within the Threat Stack Cloud Security Platform is the latest in our efforts to innovate and meet the growing needs of security and development professionals alike.”

Threat Stack Application Security Monitoring for Python, with support for Django and Flask is available today. To learn more about Threat Stack Application Security Monitoring, visit https://www.threatstack.com/application-security-monitoring.

About Threat Stack

Threat Stack is the leader in cloud security and compliance for infrastructure and applications, helping companies securely leverage the business benefits of the cloud with proactive risk identification and real-time threat detection across cloud workloads. The Threat Stack Cloud Security Platform® delivers full stack security observability across the cloud management console, host, container, orchestration, managed containers, and serverless layers. Threat Stack provides the flexibility to consume telemetry within existing security workflows — or manages it with you through the Threat Stack Cloud SecOps Program so you can respond to security incidents and improve your organization’s cloud security posture over time.

For more information or to schedule a free demo, visit threatstack.com.

Contact:

 

Tim Morin

fama PR for Threat Stack

(617) 986-5009

[email protected]

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 5/28/2020
GDPR Enforcement Loosens Amid Pandemic
Seth Rosenblatt, Contributing Writer,  5/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Can you smell me now?
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-11019
PUBLISHED: 2020-05-29
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0.
CVE-2020-11038
PUBLISHED: 2020-05-29
In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the server c...
CVE-2020-11039
PUBLISHED: 2020-05-29
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.
CVE-2020-11041
PUBLISHED: 2020-05-29
In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot ...
CVE-2020-1798
PUBLISHED: 2020-05-29
HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. A logic error occurs when handling NFC work, an attacker should establish a NFC connection to the target phone, and then do a series of operations on the target phone. Successful...