Threatstack + Aptible


#1

Does anyone use Threatstack? They claim alot of Aptible users are on their platform. Do you recommend it?


#2

We use ThreatStack. The motivator for deploying it was very much to check a box in a security questionnaire.

Shortly after initial deployment, we ran into a pretty gnarly issue with their Docker monitoring agent (hogged CPU on our hosts). So we don’t currently have visibility to activity within a container (I.e activity generated during an aptible ssh session), only Aptible admin host-level activity (which is interesting to inspect!).

I haven’t really incorporated using the tool into a reoccurring workflow. Their support has been good.

I would give the product a solid meh.


#3

Thanks for the feedback, helps alot!


#4

@waleed-nexhealth have you been using ThreatStack since starting your last post? What has your experience been?