stackArmor ThreatAlert™ is a fully managed Security Operations Center (SOC) and compliance service customized for public sector, healthcare, government agencies and government contractors with HIPAA, SOC-2, NIST Cybersecurity Framework, NIST SP 800-53, FedRAMP or FISMA based security compliance requirements. The stackArmor ThreatAlert™ service provides a fully integrated, end-to-end service that combines Security Operations, AI-Analytics, Threat Remediation and Compliance Reporting for regulated markets. Our approach aligns with emerging cybersecurity best practices such as SOAPA/SOAR that are increasingly covered by industry analysts like Gartner.
stackArmor ThreatAlert™ provides an end-to-end security and compliance service that goes beyond traditional logging, monitoring, alerting and Security Incident and Event Management (SIEM) to a more proactive threat hunting service. Our fully integrated Dedicated Security Operations Center (SOC) is staffed with AWS certified SecDevOps Engineers delivering incident response, compliance reporting and remediation assistance. stackArmor ThreatAlert™ is the only integrated end-to-end cybersecurity service providing NIST, HIPAA, and GDPR compliant security services for public sector, commercial SaaS, government and healthcare organizations. The service is highly configurable and can be customized to allow for a one-time security architecture review, vulnerability and penetration scanning, or continuous monitoring & compliance.
The stackArmor ThreatAlert™ coverage matrix spans the full stack and has been developed based on NIST, DOD DISA, OWASP, AWS and other industry best practices and standards. The table below provides an overview of the threats and vulnerabilities included in the service.
| Vulnerability Surface | Description | Frequency of Check/Scan |
|---|---|---|
| AWS Cloud Configurations | This scan includes common misconfiguration and security best practices that are recommended for protecting data and access including VPC, IAM, S3, RDS and others. | Daily scan |
| Operating System | Scans and reports operating system and application server vulnerabilities based on NIST CVE scores. | Recommended at least monthly but could be more frequent |
| Docker Containers | Deep scan of container image for common vulnerabilities based on NIST CVE scoring using anchore.io. | Recommended as part of the CI/CD pipeline |
| Operational Threats | Aggregated collection of findings from common AWS services such as AWS CloudTrail, CloudWatch, and GuardDuty for Account, Instance scanning and unauthorized access. | Continuous scan |
| Data Files | Advanced intrusion detection to detect file integrity issues and report system intrusions. | Daily |
| Anti-Virus and Malware Scanning | Integrated antivirus engine for detecting trojans, viruses, malware & other malicious threats. | Daily |
| Custom Scans and Inputs | Specialized scanners and integrations with industry leading security solutions including Palo Alto Network, Splunk and Trend Micro amongst others. | Dependent on requirements |
The service is constantly being enhanced and augmented to cover new types of threats and vulnerabilities to provide highly responsive and updated security coverage.
The service delivery model includes one-time cybersecurity architecture reviews, vulnerability and penetration scans, or continuous monitoring based on customizable reporting requirements. Service delivery includes incident response with customizable alerts, reports and remediation consulting. The stackArmor ThreatAlert service can be deployed as a dedicated service within the boundary of the customer's environment or delivered as a shared service to meet various business, technical and security needs. The pricing for the service is described below:
Learn more about stackArmor ThreatAlert and contact us for a free consultation and ask for sample reports.