Threat Stack adds context functionality to reduce MTTK within its Cloud Security Platform
Threat Stack announced new alert context functionality to reduce mean-time-to-know (MTTK) within the Threat Stack Cloud Security Platform. Threat Stack’s enhanced alert context provides meaningful data that will help guide security leaders’ investigations into high severity alerts in real-time.
When investigating an alert that may be a potential security risk, every minute counts. Yet, according to IBM, the average time to identify a breach in 2020 was 207 days, providing cybercriminals ample time to steal critical information, compromise employees, or launch new attacks.
Threat Stack’s enhanced user interface (UI) with alert context functions includes highlights, visualizations, and tables that provide security leaders with the necessary information to identify and remediate potential threats quickly. This machine-generated context includes visualizations and trend graphs that flag threat trends based on frequency and volume.
The updated platform UI can also group alerts by common indicators, such as compliance and process, enabling users to correlate across behaviors more quickly. This helps users to better understand which alerts are a higher priority for investigation.
“At Threat Stack, we want to arm our customers with the ability to prioritize and investigate alerts with ease,” said Chris Ford, VP of Product at Threat Stack.
“The new alert context functionality reduces MTTK so users can triage alerts quickly and directly through the Threat Stack Cloud Security Platform. This update is yet another example of platform automation that reduces toil for security analysts and helps alleviate some of the burden resource-strapped security teams face.”
The highlights function supports point-in-time context by summarizing historical activity related to the alert. The additional context provides businesses with data about corporate infrastructure, users, and process activities while offering crucial guidance during security investigations over the past month.
Threat Stack is also introducing a refreshed alerts page that provides users with visualizations such as histograms that can show activity for users over the past 30 days. In addition, the histogram is interactive, allowing users to zoom in and investigate activity on dates of interest.