compliance, and service-based access control SEATTLE (BUSINESS WIRE) KubeCon + CloudNativeCon North America 2018
Sysdig,
, the cloud-native intelligence company, today announced newfeatures for Sysdig Secure, part of the Sysdig Cloud-Native Intelligence
Platform. The Sysdig platform is the only unified platform on the market
that provides cloud-native security, monitoring, and forensics. Today’s
enhancements add advanced Kubernetes auditing and vulnerability
management, service-based access control, and security analytics, along
with simplified compliance to give users a complete view of the health
and risk profiles of their container environments.
With the introduction today of Sysdig Secure 2.2, Sysdig continues to
provide enterprise customers, likeCota
, Sunrun ,and Quby ,
the ability to detect behavioral anomalies across their entire
infrastructure. Sysdig Secure is built on the same core instrumentation
as the open source Sysdig project, Falco ,
which was included as a CNCF Sandbox project in October.
Sysdig Secure 2.2 blog, “Introducing
Sysdig Secure 2.2 Kubernetes Auditing, Compliance, and Access Control
”“Modern infrastructures drastically increase the number of moving parts,
creating a bigger surface area for attackers to exploit. It can be a
nightmare for security professionals, but it doesn’t have to be,” said
Knox Anderson, Product Manager, Sysdig. “With the latest features
announced today for Sysdig Secure, enterprises have enhanced visibility,
answering the questions of, ‘who is doing what within Kubernetes.’”
With the Sysdig Cloud-Native Intelligence Platform, enterprise customers
are able to monitor, secure, and troubleshoot without needing to
instrument individual containers or configure exporters. By using a
single point of instrumentation to unlock a completely new source of
data, Sysdig provides visibility into containers and microservices with
the least amount of burden on the environment.
Sysdig Secure 2.2 Features
Kubernetes Audit EventsAdds new detections based on audit
Sysdig is the first cloud-native
security provider to tap the recently released Kubernetes Audit
Policy, creating an additional feed of events to monitor. Virtually
all cluster management tasks are done through the API server;
therefore, the audit log contains all changes made to the cluster. By
tapping the kube-apiserver, Sysdig can alert administrators of
suspicious and notable behavior. These alerts help users quickly
identify incidents that could negatively impact the business and lets
operators answer who did what, where, and when.
Sysdig Teams Service-based access control
Sysdig
Secure 2.2 introducesservice-based
, providing customized reports and dashboards thatgive users access to only the information that is pertinent to them.
The ability to control team privileges to hosts, namespaces, clusters,
and deployments, exposes information only to those who need it, making
it easier to respond to incidents and adding another layer of security
by limiting exposure to information outside the scope of individual
teams.
Kubernetes Vulnerability ManagementAdmissions controller
Sysdig Secure 2.2 has added the ability to
natively integrate with Kubernetes admission controllers. Through
mutating webhooks, Kubernetes can authenticate with Sysdig Secure to
prevent unscanned or vulnerable images from being deployed on a
cluster. This non-intrusive approach allows organizations to validate
images at the Kubernetes level rather than container runtime.
Service Oriented ComplianceLeveraging Kubernetes labels
With the introduction of
Kubernetes resource-specific scheduling of CIS Compliance Benchmarks,
Sysdig Secure 2.2 further eases the pain of measuring and enforcing
compliance across a distributed environment. Scoping enables users to
limit scans to specific Kubernetes resources, which saves time by
limiting compliance checks to the logical entities that are important
to auditors.
Security Analytics Integrating metrics for a full view
For
users who pair Sysdig Monitor with Sysdig Secure 2.2, they have access
to more than 90 new metrics that are sent to the Sysdig platform. By
viewing Sysdig Secure metrics with the Sysdig Monitor data on the same
dashboards, enterprises gain visibility into the performance, health,
compliance, and security posture of their environment on a single
dashboard.
Availability
Sysdig
is available as a standalone technology or as a part of the unified Sysdig Cloud-Native Intelligence Platform, which includesSysdig
Monitor
. Sysdig Secure 2.2 is now available to all customers.Sysdig Secure at KubeCon + CloudNativeCon
Sysdig is currently demoing the Sysdig Cloud-Native Intelligence
Platform at KubeCon + CloudNativeCon North America 2018, booth #P14.
IBM Cloud Monitoring with Sysdig Who: Eric Carter, Director of Product Marketing at Sysdig Shadi Albouyeh, Offering Manager at IBM Cloud When: Session 1 Tuesday, Dec. 11; 1:30pm Session 2 Tuesday, Dec. 11; 6:45pm Where: IBM mini-theaterIntro:
Falco
Who: Loris Degioanni, CTO and Founder of Sysdig When: Tuesday, Dec. 11; 3:40pm Where: Room 615-617Deep
Dive: Falco
Who: Mark Stemm, Senior Security Engineer at Sysdig When: Thursday, Dec. 13; 3:40pm Where: Room 615-617About Sysdig
Sysdig is the cloud-native intelligence company . Enterprises
depend on Sysdig to deliver reliable, secure containerized applications.
We have created the only unified platform to deliver container security,
monitoring, and forensics in a microservices-friendly architecture. Our
open source technologies have attracted a community of over a million
developers, administrators, and other IT professionals looking for deep
visibility into applications and containers. Our cloud-native
intelligence platform monitors and secures millions of containers across
hundreds of enterprises, including Fortune 500 companies and web-scale
properties. Learn more at www.sysdig.com .
Contacts
Media Contact
280blue,
Amanda McKinney
amanda@280blue.com
Do you think you can beat this Sweet post? If so, you may have what it takes to become a Sweetcode contributor...Learn More.