What's new in Sysdig Secure: January 2020
We’ve been busy this New Year (a rather warm one in San Francisco) to bring you exciting new ways to secure your DevOps journey. Read on for the details and see how you can put them to use!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Sysdig
RBAC support with Sysdig Secure
We often hear from our customers that to adopt a container and Kubernetes security tool in any mid sized or large organization, separation of duties and least privilege access via RBAC is a must. Admin roles cannot be granted unnecessarily to all teams. If users or groups are routinely granted these elevated privileges, account compromises or mistakes can result in security and compliance violations.
IBM and Sysdig team up to extend security governance with IBM Cloud Pak for Multicloud Management
Sysdig, an industry leader for monitoring and security of cloud-native workloads, and IBM have joined forces to bring a fully Integrated powerful platform that delivers the security and performance that enterprises need in today’s multi-cloud world. Sysdig Secure and the IBM Cloud Pak for Multicloud Management (MCM) can help you accelerate Kubernetes and cloud adoption by addressing security and regulatory compliance from the start on enterprise hybrid cloud environments.
Sysdig Closes $70M in Series E Funding to Enable Enterprises to Confidently Secure Cloud-Native Workloads in Production
Investment fuels company's leadership as the most advanced Kubernetes security tool to embed security, maximize availability, and validate compliance
Falco is the First Runtime Security Project to Join the CNCF Incubator
Falco, originally created by Sysdig in 2016, is approved to join the CNCF Incubator after a 257 percent increase in downloads. The CNCF's only open source Kubernetes runtime security project has more than 8.5 million downloads as runtime security becomes cemented as a standard component of the cloud-native stack.
Protection from malicious Python libraries jeilyfish and python3-dateutil
Two malicious Python libraries, jeilyfish (with a capital i and a lowercase L in the original name) and python3-dateutil, were detected on PyPI (Python Package Index) on December 1st. They were typosquatting similar named legitimate libraries jellyfish (with a double lowercase L) and python-dateutil libraries, a malicious technique aiming to trick developers to use the similar named modified libraries.
The 5 Must-Do's When Implementing Cloud-Native Security in Red Hat OpenShift
Security is one of the biggest challenges in the day 2 operations journey for the cloud-native stack. New paradigms like containers, microservices and hybrid cloud workloads disrupt the way enterprises implement security processes.
Modern compliance with Sysdig Secure DevOps Platform
Authorization to Operate (ATO) in a day and on-going authorization are compliance nirvana. The ATO is the authorizing official’s statement that they accept the risk associated with the system running in production environments using live business data. The idea that all of the information necessary to make a risk decision is at hand and can be consumed by decision makers is what every compliance program is trying to achieve.
Inline Image Scanning for AWS CodePipeline and AWS CodeBuild
In this blog post you’ll learn how to set up image vulnerability scanning for AWS CodePipeline and AWS CodeBuild using Sysdig Secure DevOps Platform. AWS provides several tools for DevOps teams: CodeCommit for version control, CodeBuild for building and testing code, and CodeDeploy for automatic code deployment. The block on top of all these tools is CodePipeline that allows them to visualize and automate these different stages.
AWS ECR Scanning with Sysdig Secure
As container adoption in AWS takes off, ECR scanning is the first step towards delivering continuous security and compliance. You need to ensure you are scanning your images pulled from AWS ECR for both vulnerabilities and misconfigurations so that you don’t push applications running on AWS that are exploitable.