SecureStack's core functionality is its integration and automation. You can pick and choose what security elements to use and SecureStack handles the backend integration. Want to enable new rootkit protection? The data just starts flowing into your Virtual SOC and your IDS is now monitoring the correct data points.
SecureStack is built to be cloud native. We tightly integrate with many AWS services including ECS, EC2, Elastisearch and many others. Within those services we integrate and manage dozens of functions. SecureStack can provision natively to AWS, Alibaba Cloud, Google GCP, Microsoft Azure, VMWare and VCloud Air currently.
SecureStack SIPServer comes with fully integrated SIEM (security information and event management). See your security posture in one main view, broken down by source country, destination service and more. Drill down to see individual audit reports and suggestions. All your data is available for realtime or historical analysis and SecureStack backs it all up for you too! We've created visualizations and dashboards for most of our security modules. You can also create your own custom dashboards and/or edit the ones that come with SecureStack SIPServer.
SecureStack's first order of business is to make sure the foundation you are building your infrastructure on is secure. Our adaptive technology can identify applications and potential areas of concern on existing servers and harden them dynamically. SecureStack has built in system and application auditing and uses machine learning to identify new issues and move to mitigate them.
Are you using AMIs from the AWS Marketplace? Do you know what's in those images and what vulnerabilities might be built in? Who built your VMWare templates and what do they include? Is every node a special snowflake? Can your ops team rebuild a server easily if it becomes unreliable?
SecureStack provides certified images that are known good and fully secured. Our technology distributes and builds hardened images for cloud and on-prem infrastructure that you can use to provision new resources from. Your infrastructure will all be built from the same standardized foundation. SecureStack automates this build creation and makes sure what you are building is safe and secure.
SecureStack is built on the functionality of Intrusion Detection and Prevention Systems (IDS and IPS). IDS is one of the core pieces of SecureStack and its integrated into everything we provide.
IDS gives you:
While IPS gives you:
Auditing is one of the core functions of SecureStack. It's baked right in. SecureStack dynamically adjusts to the changing functions and roles of your systems. Add a webserver or memcache? SecureStack automatically audits new functionality as it's added. New packages and functionality trigger audit control in realtime. Audit data is shared to your SecureStack SIPServer Siem for real-time and historical analysis.
So rest assured, SecureStack = Built in auditing for your applications and nodes, no matter where they live.
SecureStack uses a dynamic firewall technology that protects all of your nodes and shares that data amongst them. So when one node protects itself against a realtime threat, all nodes are protected against that threat. Additionally, the identity of the attacker is added to the firewall and that data is shared as well so that any other attacks coming from that source are mitigated. This technology is MUCH more robust than static firewall rules or security groups.
SecureStack comes with powerful industry best WAF and DDoS mitigation to protect Apache or Nginx. Deny maclicious hackers before they even get to your web server. WAF data is shared to your SecureStack SIPServer SIEM.
SecureStack uses industry best Anti-Virus and Anti-Malware tools to keep your systems safe and bug free. Our technology uses both realtime and event related monitoring. So you know that even if someone accidentally downloads the wrong thing you won't have to wait until the next scheduled scan to find out.
We also monitor for the latest rootkits and complex targetted attacks and back door access.
Global threat actors IP and signature data is an important tool in repelling realtime attacks.
We combine our own threat data with that of other trusted sources to give you the best blacklist in the industry.
Get access to the realtime curated SecureStack Global Threat List with all SecureStack subscriptions.
All SecureStack products get access to your realtime threat data. Any of your individual nodes that are attacked share that theat data with all your other systems in realtime, wherever they are.
We build our enterprise customers a Virtual SOC (security operations center) which enables all integrated tools to share their metrics and data. Custom dashboards, modules and functionality are available for many of the integrated tools. Geo location, most common attacks, IP's blocked, port activity and much MUCH more are available. You can see what's happening to your infrastructure and how SecureStack is addressing it.