Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sysdig

Assess Your Readiness Now for the SEC Cybersecurity Disclosure Rules

The SEC’s new ‘Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure’ rule (issued on July 26, 2023) has public companies, notably smaller companies, worrying about having enough cybersecurity expertise to run a security program consistent with SEC requirements.

How to Prioritize Vulnerabilities with Checkmarx and Sysdig Runtime Insights

Back in August 2023, Checkmarx and Sysdig announced a new partnership. This collaboration enables customers of both Checkmarx and Sysdig to leverage the comprehensive visibility offered by Sysdig Runtime Insights to get even more value from the Checkmarx One application security platform.

The First CNAPP with Out-of-the-Box NIS2 and DORA Compliance

In an era where cloud attacks and threats are happening very fast and constantly evolving, the European Union (EU) has stepped up its cybersecurity game with two new regulations: the Digital Operational Resilience Act (DORA) and the revised Directive on Security of Network and Information Systems (NIS2). With more strict requirements on compliance controls and breach disclosures, these regulations are set to transform how businesses manage their cyber risks in Europe.

The Urgent Need for Real-time Cloud Detection & Response

It is impressive how explosively the cloud security market has embraced detection and response in recent months. The industry, including both users and vendors, is rapidly acknowledging the complexity of modern cloud attacks. Facilitated by automation and APIs, attacks cannot be effectively countered with traditional solutions that lack context of cloud environments or focus solely on posture.

CISO Takeaways: Sysdig's 2024 Cloud-Native Security and Usage Report

After a year of cyber attacks making headlines worldwide, many organizations, such as MGM Resorts, Clorox, and T-Mobile, have taken a reputational hit similar to SolarWinds. Sysdig’s 2024 Cloud-Native Security and Usage Report provided some informative key takeaways that CISOs can hone in on to improve their security posture. As a CISO, you do not want to catch your organization on that list; mitigating reputational risk is a part of your job.

Cloud Threats deploying Crypto CDN

The Sysdig Threat Research Team (TRT) discovered a malicious campaign using the blockchain-based Meson service to reap rewards ahead of the crypto token unlock happening around March 15th. Within minutes, the attacker attempted to create 6,000 Meson Network nodes using a compromised cloud account. The Meson Network is a decentralized content delivery network (CDN) that operates in Web3 by establishing a streamlined bandwidth marketplace through a blockchain protocol.

Sysdig integration with Backstage

Developers are frequently tasked with working with multiple tools in the cloud-native era. Each of these tools plays a crucial role in the application life cycle, from development to deployment and operations. However, the sheer variety and diversity of these tools can increase the likelihood of errors or the accidental inclusion of critical vulnerabilities and misconfigurations.

Customers Rate Sysdig 5 Out of 5 in Gartner Voice of the Customer for Cloud Security Posture Management Tools

As more and more workloads move to the cloud, the attack surface security teams need to secure has grown exponentially. To guard the massive perimeter of the cloud, you need to position your cloud infrastructure to be as safe as possible by default.

Celebrating Falco's Journey to CNCF Graduation

In the late 1990s, the rapid expansion of computer networks highlighted the need for affordable network visibility tools. The Berkeley Packet Filter (BPF) emerged as a significant advancement, enabling packet capture and filtering within the BSD operating system. BPF is the precursor of today’s widely used eBPF, and was originally released together with an accompanying library, libpcap.

Container Drift Detection with Falco

DIE is the notion that an immutable workload should not change during runtime; therefore, any observed change is potentially evident of malicious activity, also commonly referred to as Drift. Container Drift Detection provides an easy way to prevent attacks at runtime by simply following security best practices of immutability and ensuring containers aren’t modified after deployment in production.