Feature Walkthrough

Agent 2.0+

• Agent 3.x Series Commands
• Agent 2.x+ Series Commands
• Windows Agent 2.x Series Commands
• Run Linux Agent 3.x in Low Power Mode
• Enable eBPF for Linux Agent 3.x
• About Environment Tags

Alerts

• Alert Trends Functionality
• Alert Feature Overview
• Life Cycle of an Alert
• Alert Navigation and Dismissal Reasons
• Alert Context Overview

Analytics

• Introduction to Analytics
• Analytics Overview
• Analytics Details

Audit Log

• Audit Log

AWS EC2 Tags

• Overview: AWS EC2 Tags

AWS Fargate

• Configure Fargate Task Definition with JSON Templates
• Add Threat Stack Container Security Monitoring for Fargate to Existing Kubernetes Deployment
• Troubleshooting Threat Stack Container Security Monitoring for AWS Fargate
• Threat Stack Container Security Monitoring for AWS Fargate
• Install Threat Stack Container Security Monitoring for AWS Fargate ECS
• Threat Stack AWS Fargate Commands

Data Portability

• Data Portability
• Raw Event Format
• FAQ: Does data portability support CloudTrail events?
• FAQ: Can I use Amazon Key Management Service (KMS) Encryption with data portability?
• FAQ: Can I use Amazon S3 Object Lock with data portability?
• FAQ: What happens if something goes wrong with the Threat Stack Cloud Security PlatformⓇ (CSP) connection to my AWS S3 bucket?

EC2 Context Enrichment

• Cloud Provider Context Enrichment

Events

• Event Search and FQDN for CloudTrail Events
• Introduction to Events
• Overview: Events Feature
• All Events Tab
• Event Queue Tab
• Search for Events

See all 8 articles

Reports

• Introduction to the Reports Interface
• Insight Reports
• Compliance Reports
• Attach a Compliance Classifier to a Rule

Rules

• Introduction to Rules
• Rules Overview
• Rule Creation Overview
• Search and Filter Rules
• Rule List
• Edit Rule Drawer

See all 11 articles

Servers

• Agent Health Status
• Select and Sort Columns on Servers Page
• Servers Page

Single Sign On (SSO)

• Configure a Threat Stack Organization with AWS SSO
• Configure Hard Session Timeout through OneLogin IdP SSO
• Configure Single Sign On (SSO) in Threat Stack
• Configure Multi-Org SSO Integration
• Add Users to SSO-Enabled Organizations
• Revoke Users from SSO-Enabled Organizations

See all 8 articles

threatML

• Introduction to threatML
• ThreatML Data Models
• ThreatML Anomalies Widget
• Overview: threatML Feature
• Process Anomalies Details Page

User Management

• Account Roles in Your Threat Stack Organization
• Manage Users

Windows Agent

• Windows Agent Permissions and Privileges
• Sysmon Events
• Windows Ruleset Compliance Matrix
• Deploy Threat Stack Windows Agent 2.x Series