Sysdig Introduces New Capabilities to Secure Kubernetes-Based Applications

Latest Sysdig Secure release offers advanced Kubernetes auditing,
compliance, and service-based access control SEATTLE (BUSINESS WIRE) KubeCon + CloudNativeCon North America 2018

Sysdig,

, the cloud-native intelligence company, today announced new

features for Sysdig Secure, part of the Sysdig Cloud-Native Intelligence

Platform. The Sysdig platform is the only unified platform on the market

that provides cloud-native security, monitoring, and forensics. Today’s

enhancements add advanced Kubernetes auditing and vulnerability

management, service-based access control, and security analytics, along

with simplified compliance to give users a complete view of the health

and risk profiles of their container environments.

Sysdig Introduces New Capabilities to Secure Kubernetes-Based Applications

With the introduction today of Sysdig Secure 2.2, Sysdig continues to

provide enterprise customers, like

Cota

, Sunrun ,

and Quby ,

the ability to detect behavioral anomalies across their entire

infrastructure. Sysdig Secure is built on the same core instrumentation

as the open source Sysdig project, Falco ,

which was included as a CNCF Sandbox project in October.

Sysdig Secure 2.2 blog, “

Introducing

Sysdig Secure 2.2 Kubernetes Auditing, Compliance, and Access Control

”

“Modern infrastructures drastically increase the number of moving parts,

creating a bigger surface area for attackers to exploit. It can be a

nightmare for security professionals, but it doesn’t have to be,” said

Knox Anderson, Product Manager, Sysdig. “With the latest features

announced today for Sysdig Secure, enterprises have enhanced visibility,

answering the questions of, ‘who is doing what within Kubernetes.’”

With the Sysdig Cloud-Native Intelligence Platform, enterprise customers

are able to monitor, secure, and troubleshoot without needing to

instrument individual containers or configure exporters. By using a

single point of instrumentation to unlock a completely new source of

data, Sysdig provides visibility into containers and microservices with

the least amount of burden on the environment.

Sysdig Secure 2.2 Features

Kubernetes Audit Events

Adds new detections based on audit

Sysdig is the first cloud-native

security provider to tap the recently released Kubernetes Audit

Policy, creating an additional feed of events to monitor. Virtually

all cluster management tasks are done through the API server;

therefore, the audit log contains all changes made to the cluster. By

tapping the kube-apiserver, Sysdig can alert administrators of

suspicious and notable behavior. These alerts help users quickly

identify incidents that could negatively impact the business and lets

operators answer who did what, where, and when.

Sysdig Teams Service-based access control

Sysdig

Secure 2.2 introduces

service-based

, providing customized reports and dashboards that

give users access to only the information that is pertinent to them.

The ability to control team privileges to hosts, namespaces, clusters,

and deployments, exposes information only to those who need it, making

it easier to respond to incidents and adding another layer of security

by limiting exposure to information outside the scope of individual

teams.

Kubernetes Vulnerability Management

Admissions controller

Sysdig Secure 2.2 has added the ability to

natively integrate with Kubernetes admission controllers. Through

mutating webhooks, Kubernetes can authenticate with Sysdig Secure to

prevent unscanned or vulnerable images from being deployed on a

cluster. This non-intrusive approach allows organizations to validate

images at the Kubernetes level rather than container runtime.

Service Oriented Compliance

Leveraging Kubernetes labels

With the introduction of

Kubernetes resource-specific scheduling of CIS Compliance Benchmarks,

Sysdig Secure 2.2 further eases the pain of measuring and enforcing

compliance across a distributed environment. Scoping enables users to

limit scans to specific Kubernetes resources, which saves time by

limiting compliance checks to the logical entities that are important

to auditors.

Security Analytics Integrating metrics for a full view

For

users who pair Sysdig Monitor with Sysdig Secure 2.2, they have access

to more than 90 new metrics that are sent to the Sysdig platform. By

viewing Sysdig Secure metrics with the Sysdig Monitor data on the same

dashboards, enterprises gain visibility into the performance, health,

compliance, and security posture of their environment on a single

dashboard.

Availability

Sysdig

is available as a standalone technology or as a part of the unified Sysdig Cloud-Native Intelligence Platform, which includes

Sysdig

Monitor

. Sysdig Secure 2.2 is now available to all customers.

Sysdig Secure at KubeCon + CloudNativeCon

Sysdig is currently demoing the Sysdig Cloud-Native Intelligence

Platform at KubeCon + CloudNativeCon North America 2018, booth #P14.

IBM Cloud Monitoring with Sysdig Who: Eric Carter, Director of Product Marketing at Sysdig Shadi Albouyeh, Offering Manager at IBM Cloud When: Session 1 Tuesday, Dec. 11; 1:30pm Session 2 Tuesday, Dec. 11; 6:45pm Where: IBM mini-theater

Intro:

Falco

Who: Loris Degioanni, CTO and Founder of Sysdig When: Tuesday, Dec. 11; 3:40pm Where: Room 615-617

Deep

Dive: Falco

Who: Mark Stemm, Senior Security Engineer at Sysdig When: Thursday, Dec. 13; 3:40pm Where: Room 615-617

About Sysdig

Sysdig is the cloud-native intelligence company . Enterprises

depend on Sysdig to deliver reliable, secure containerized applications.

We have created the only unified platform to deliver container security,

monitoring, and forensics in a microservices-friendly architecture. Our

open source technologies have attracted a community of over a million