|
By Shuba Subramaniam
After years in the technical writing trenches at industry giants like Cisco, Riverbed, and Akamai, I now lead the Sysdig Documentation team. I’m Shuba Subramaniam, and I’m passionate about creating content that truly helps people — whether they’re exploring Sysdig for the first time or troubleshooting a tricky issue at 2 a.m.
On Tuesday, January 14, 2025, a set of vulnerabilities were announced that affect the “rsync” utility. Rsync allows files and directories to be flexibly transferred locally and remotely. It is often used for deployments and backup purposes. In total, 6 vulnerabilities were announced to the OSS Security mailing list. The most severe vulnerability, CVE-2024-12084, may result in remote code execution. This post will cover how to detect and mitigate CVE-2024-12084.
|
By Nigel Douglas
Many are familiar with how GitLab leverages Falco in its Package Hunter project to detect threats through system call monitoring. However, fewer may be aware of a powerful GitLab plugin for Falco that ingests audit events directly from GitLab, transforming them into actionable fields within Falco. By integrating GitLab audit event fields, you can create Falco rules to detect potential threats in real time and send alerts through your configured notification channels.
|
By Durgesh Shukla
As the adoption of cloud-native technologies like containers, Kubernetes, and microservices have evolved, traditional security solutions have struggled to keep up. According to the Sysdig Threat Research Team (TRT), the average time it takes an attacker to perform reconnaissance and complete an attack is just 10 minutes. To help teams outpace attackers, cloud-native application protection platforms have emerged.
|
By ashish chakrabortty
The term LLMjacking refers to attackers using stolen cloud credentials to gain unauthorized access to cloud-based large language models (LLMs), such as OpenAI’s GPT or Anthropic Claude. This blog shows how to strengthen LLMs with Sysdig. The attack works by criminals exploiting stolen credentials or cloud misconfigurations to gain access to expensive artificial intelligence (AI) models in the cloud. Once they gain access, they can run costly AI models at the victim’s expense.
|
By Marla Rosner
We’re officially in the final days of 2024, a year so eventful it feels difficult to remember half of what happened. We had the Olympics in Paris, which turned the world into fans of sharpshooting, breakdancing, and the pommel horse; a solar eclipse visible in totality from the US for the first time since 1979; and a monthslong, very impassioned rap battle between Kendrick Lamar and Drake.
|
By Marla Rosner
Securing operations in the cloud can seem daunting. To protect your organization, you need to have the proper preventative and reactive safeguards in place at every step of the software development cycle. But it doesn’t have to be as complex as it sounds. This blog outlines how to secure the entire software development lifecycle, emphasizing the “shift left” approach, which aims to catch vulnerabilities and issues early in the development process to reduce both risks and costs.
|
By Alessandro Brucato
While working on Amazon Bedrock APIs and developing detection mechanisms for Sysdig customers, the Sysdig Threat Research Team (TRT) discovered an unusual behavior in the way some of these APIs were logged in CloudTrail. Specifically, failed Bedrock API calls were logged in the same manner as successful calls, without providing any specific error codes. The lack of error information in API responses may hinder detection efforts by generating false positives in CloudTrail logs.
|
By Nigel Douglas
The phrase “Forging the Proverbial Bulletproof Container” carries both metaphorical and practical significance, particularly in the areas of technology and security. It reflects the idea of building robust, resilient systems that can withstand both internal and external threats. But in the current world of modern, cloud-native software development — where containers have become the backbone of application deployment — the term takes on a literal meaning as well.
|
By Nigel Douglas
Kubernetes 1.32 is right around the corner, and there are quite a lot of changes ready for the Holiday Season! So, what’s new in 1.32? Kubernetes 1.32 brings a whole bunch of useful enhancements, including 39 changes tracked as ‘Graduating’ in this Kubernetes release.
|
By Sysdig
The cloud transformed innovation. But, a lack of visibility into complex workloads, thousands of vulnerabilities add a lot of noise. With Sysdig, you can streamline container and workload security and get back to innovating. Secure every second with Sysdig!
|
By Sysdig
Discover how Neo4j, the world’s leading graph database company, collaborates with Sysdig to reduce its risk in the cloud. From streamlining vulnerability management to building a trusted partnership, this video explores the transformative impact of Sysdig on Neo4j’s security operations. Speakers featured in this video: David Fox, CISO Fredrik Clementson, Senior Director of Engineering Preeti Preeti, Security Analyst.
|
By Sysdig
Falco Feeds, fully managed threat intelligence that works with your current deployment to develop the latest rules and keep you ahead of advanced threats.
|
By Sysdig
Containers are great – but also vulnerable. And attackers know it. As things move fast, stay on top with real time. Know what's happening with runtime.
|
By Sysdig
Cloud attacks strike fast. Prevention used to be enough, but not anymore. And legacy EDR tools fall short because they lack visibility into cloud identities and behavior. Defenders need the ability to detect at the edge - in real time - and correlate early stage identity behavior to see what's happening fast.
|
By Sysdig
AI has supercharged cloud attacks - they are faster, more complex, and more sophisticated It's time for defenders to harness this powerful technology for good. Meet Sysdig Sage, the first AI cloud security analyst capable of multistep reasoning. Sysdig Sage goes beyond simple summarisation. It is context-aware. It is able to control the UI and move you across the platform. With Sysdig Sage on your side, investigating threats in real time is easier than ever.
|
By Sysdig
Loris Degioanni, CTO and Founder of Sysdig, stopped by the Ticker News studio to discuss the major cybersecurity concerns of 2024. In the cloud, attacks are fast. Companies have 5 seconds to discover an attack, 5 minutes to investigate, and 5 minutes to respond. How can companies secure their environment when keeping pace with the speed of the cloud?
|
By Sysdig
AI usage has exploded. In just a few years, it's gone from something the enterprise should track to a powerful technology set we rely on. This sharp rise has created a world of opportunity and a new set of security challenges that we need to be aware of, but not scared of. And that's why I'm excited to share our new AI workload security feature. By understanding where they are running, Sysdig helps you control shadow AI and active AI risk and keeps you ahead of emerging AI regulations because you'll know what AI workloads you have, where they are, and what risks are associated with them.
|
By Sysdig
Based on our understanding of the Gartner report, security and risk management leaders should develop a strategy for addressing the unique and dynamic requirements for protecting hybrid cloud workloads. Gartner's recommendations for cloud workload security include: Sysdig is listed by Gartner® as a Representative Vendor for Cloud Workload Protection Platforms. Gartner also notes Sysdig in the list of companies building or acquiring CSPM capabilities.
|
By Sysdig
A unified approach for security, monitoring, and forensics in containerized and microservice environments.
- January 2025 (6)
- December 2024 (9)
- November 2024 (14)
- October 2024 (10)
- September 2024 (10)
- August 2024 (12)
- July 2024 (11)
- June 2024 (8)
- May 2024 (15)
- April 2024 (9)
- March 2024 (10)
- February 2024 (17)
- January 2024 (8)
- December 2023 (2)
- November 2023 (3)
- October 2023 (6)
- September 2023 (14)
- August 2023 (7)
- July 2023 (9)
- June 2023 (9)
- May 2023 (9)
- April 2023 (3)
- March 2023 (13)
- February 2023 (9)
- January 2023 (7)
- December 2022 (4)
- November 2022 (17)
- October 2022 (12)
- September 2022 (12)
- August 2022 (7)
- July 2022 (6)
- June 2022 (13)
- May 2022 (11)
- April 2022 (7)
- March 2022 (14)
- February 2022 (5)
- January 2022 (9)
- December 2021 (9)
- November 2021 (5)
- October 2021 (7)
- September 2021 (9)
- August 2021 (4)
- July 2021 (4)
- June 2021 (5)
- May 2021 (6)
- April 2021 (6)
- March 2021 (11)
- February 2021 (6)
- January 2021 (7)
- December 2020 (6)
- November 2020 (8)
- October 2020 (8)
- September 2020 (9)
- August 2020 (2)
- July 2020 (7)
- June 2020 (4)
- May 2020 (7)
- April 2020 (6)
- March 2020 (3)
- February 2020 (3)
- January 2020 (3)
- December 2019 (3)
- November 2019 (11)
- October 2019 (4)
- September 2019 (1)
- August 2019 (3)
- July 2019 (3)
- June 2019 (3)
- May 2019 (7)
- April 2019 (6)
- March 2019 (6)
- February 2019 (4)
- January 2019 (1)
- October 2018 (1)
- May 2018 (1)
- April 2018 (1)
- March 2018 (1)
Sysdig is the first unified approach to monitor and secure containers across the entire software lifecycle.
Sysdig was born out of the belief that open source tools will be at the foundation of your next generation infrastructure. See our projects for system visibility, and container security, as well as partner projects we’ve embraced.
Accelerate your transition to containers, and then have confidence in your ongoing operations. We've built the cloud-native intelligence platform to create a single, more effective way to secure, monitor, and assure your critical applications:
- Container security (Sysdig Secure): Protect and assure your applications. Bring together image scanning and run-time protection to identify vulnerabilities, block threats, enforce compliance, and audit activity across your microservices.
- Enterprise-grade Docker monitoring (Sysdig Monitor): Enhance software reliability and accelerate problem resolution with advanced Kubernetes integration and built-in Prometheus monitoring capabilities.
- Automatic orchestrator integration (Sysdig ServiceVision): We use Sysdig ServiceVision to dynamically map services using metadata from Kubernetes, OpenShift, AWS, Azure, Google, Mesos, or Docker EE, and more. With this insight, you can isolate and solve problems faster.
Our container intelligence platform monitors and secures millions of containers across hundreds of enterprises, including Fortune 500 companies and web-scale properties.