Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Strengthen LLMs with Sysdig Secure

The term LLMjacking refers to attackers using stolen cloud credentials to gain unauthorized access to cloud-based large language models (LLMs), such as OpenAI’s GPT or Anthropic Claude. This blog shows how to strengthen LLMs with Sysdig. The attack works by criminals exploiting stolen credentials or cloud misconfigurations to gain access to expensive artificial intelligence (AI) models in the cloud. Once they gain access, they can run costly AI models at the victim’s expense.

Refresh yourself on 2024's top cyber attack trends to stay safe in 2025

We’re officially in the final days of 2024, a year so eventful it feels difficult to remember half of what happened. We had the Olympics in Paris, which turned the world into fans of sharpshooting, breakdancing, and the pommel horse; a solar eclipse visible in totality from the US for the first time since 1979; and a monthslong, very impassioned rap battle between Kendrick Lamar and Drake.

How to secure every stage of the CI/CD pipeline with Sysdig

Securing operations in the cloud can seem daunting. To protect your organization, you need to have the proper preventative and reactive safeguards in place at every step of the software development cycle. But it doesn’t have to be as complex as it sounds. This blog outlines how to secure the entire software development lifecycle, emphasizing the “shift left” approach, which aims to catch vulnerabilities and issues early in the development process to reduce both risks and costs.

Bedrock Slip: Sysdig TRT Discovers CloudTrail Logging Missteps

While working on Amazon Bedrock APIs and developing detection mechanisms for Sysdig customers, the Sysdig Threat Research Team (TRT) discovered an unusual behavior in the way some of these APIs were logged in CloudTrail. Specifically, failed Bedrock API calls were logged in the same manner as successful calls, without providing any specific error codes. The lack of error information in API responses may hinder detection efforts by generating false positives in CloudTrail logs.

Forging the proverbial bulletproof container

The phrase “Forging the Proverbial Bulletproof Container” carries both metaphorical and practical significance, particularly in the areas of technology and security. It reflects the idea of building robust, resilient systems that can withstand both internal and external threats. But in the current world of modern, cloud-native software development — where containers have become the backbone of application deployment — the term takes on a literal meaning as well.

Sysdig and Cribl: Unleash the true power of cloud security data

Cloud security operates on a different paradigm compared to traditional IT security. For example, it involves multiple contextual layers such as cloud services, containers and Kubernetes that require specialized insights. The challenge is even harder when the organization is affected by compliance requirements, and is compounded by the sheer volume of data that becomes a major concern for any organization. Failing to effectively manage it leads to costly inefficiencies and risks.

Falco vs. Sysdig OSS: Choosing the Right Tool for the Job

The open-source ecosystem is rich with tools that empower developers and security practitioners alike. Two standout projects are Sysdig OSS and Falco, both of which leverage deep system-level instrumentation to provide insights and enhance security. However, while they share a common foundation, they serve distinct purposes. This blog explores the strengths of Sysdig OSS and Falco, how they differ, and how they can complement each other.

26 AWS Security Best Practices to Adopt in Production

One of the most important pillars of a well-architected framework is security. Thus, it is important to follow these AWS security best practices, organized by service, to prevent unnecessary security situations. So, you’ve got a problem to solve and turned to AWS to build and host your solution. You create your account and now you’re all set up to brew some coffee and sit down at your workstation to architect, code, build, and deploy. Except, you aren’t.

The evolution of vulnerability scanning

As application development and deployment evolve, traditional tools alone can no longer handle the dynamic, ephemeral nature of cloud and cloud-native environments. This article explores how cloud-native application protection platforms (CNAPPs) are addressing these challenges to enhance coverage and streamline prioritization.