Case Study: Lola.com achieves PCI compliance and full Kubernetes container visibility with Threat Stack

Threat Stack Secures Lola’s Kubernetes-Based Infrastructure

Lola, a Boston-based business travel company, moved its infrastructure to AWS and then to a fully containerized Kubernetes environment and needed a security solution that would help them achieve PCI compliance and provide visibility into container-to-container and CloudTrail activity. They selected Threat Stack and initially used the Threat Stack Cloud Security Platform, later deploying the Threat Stack Containerized Agent to align with their DevOps and infrastructure-as-code approach.

Threat Stack deployed a containerized agent (run as a daemonset) to deliver continuous monitoring and real-time alerting across containers and AWS CloudTrail, enforce PCI and Docker CIS rulesets out of the box, and integrate alerts into Slack for immediate response; its TTY Timeline and alert reporting also let Lola produce auditor-ready compliance records. As a result, Threat Stack removed security blindspots, streamlined security deployment for Kubernetes, and enabled Lola to scale rapidly while maintaining PCI compliance and operational visibility.

Lola.com

Katie Paugh

Sr. DevOps Engineer