ThreatStack Cloud Security Platform
Security Orchestration
ThreatStack Cloud Security Platform
Description
Cloud workloads move fast, and the threats targeting them move faster. Threat Stack built its Cloud Security Platform to deliver full-stack observability across every layer of cloud infrastructure, from management consoles and hosts to containers, orchestration engines, and serverless functions. F5 Networks saw enough value to acquire Threat Stack for $68 million in 2021, integrating its cloud workload protection capabilities into F5's broader application security portfolio. If you are evaluating Threat Stack today, you are effectively looking at technology that now lives within the F5 Distributed Cloud platform.
TL;DR
- Cloud-native security and compliance platform covering host, container, and serverless layers
- Acquired by F5 Networks for $68 million; technology integrated into F5 Distributed Cloud
- Continuous compliance monitoring with real-time drift detection
- Intrusion detection and file integrity monitoring for cloud workloads
- Full-stack observability from cloud console to application layer
"The addition of Threat Stack's cloud security capabilities to F5's application and API protection solutions enhances visibility across application infrastructure and workloads."
F5 Networks as stated in
F5 Press Release
The platform's strength lay in its multi-layer visibility model. Rather than monitoring only the perimeter or just the workload, Threat Stack observed behavior across the cloud management console (where misconfigurations happen), the host operating system (where attackers establish footholds), containers and orchestration platforms (where lateral movement occurs), and serverless functions (where detection blind spots live). This full-stack approach meant that a privilege escalation in a Kubernetes pod could be correlated with a suspicious API call in the management console, turning isolated signals into a coherent threat narrative.
Pro Tip: Map Your Cloud Security Layers Before Choosing Tools
Before evaluating cloud workload protection platforms, inventory which layers of your cloud stack currently have security visibility and which are blind spots. The most common gaps are in container orchestration and serverless functions, exactly where attackers increasingly operate.
Continuous compliance monitoring was another core capability, tracking infrastructure configurations against frameworks like SOC 2, HIPAA, PCI DSS, and CIS benchmarks in real time. Rather than discovering compliance drift during quarterly audits, teams received immediate alerts when configurations deviated from policy. File integrity monitoring tracked changes to critical system files, catching unauthorized modifications that signal compromise. While the standalone Threat Stack platform has been absorbed into F5's ecosystem, the underlying technology and approach remain relevant for organizations evaluating cloud workload protection strategies, particularly those already invested in F5's application delivery and security infrastructure.
Key Takeaways
- Full-Stack Coverage: Console, host, container, orchestration, and serverless visibility
- F5 Acquisition: Technology now integrated into F5 Distributed Cloud platform
- Continuous Compliance: Real-time drift detection against SOC 2, HIPAA, PCI, and CIS
- Behavioral Detection: Correlates signals across cloud layers for coherent threat narratives
Frequently Asked Questions
Is Threat Stack still available as a standalone product?
Threat Stack was acquired by F5 Networks in 2021. Its cloud security technology has been integrated into the F5 Distributed Cloud platform. New customers should evaluate F5's current cloud security offerings.
What cloud environments did Threat Stack support?
The platform supported AWS, Azure, and GCP environments, monitoring workloads across virtual machines, containers (Docker, Kubernetes), managed container services, and serverless functions.
Sources: F5 Press Release,
SDxCentral,
BusinessWire
Service Type
ServiceAlternatives to ThreatStack Cloud Security Platform
About Security Orchestration
Visit Threat Stack
Learn more about ThreatStack Cloud Security Platform directly from Threat Stack.
Threat Stack Official Site