Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Sysdig Sage for CDR: Accelerate analysis, investigation and response

Last year, Sysdig outlined our vision for an AI-driven cloud security assistant. Today, we are excited to announce Sysdig Sage for cloud detection and response (CDR), our new release that embodies our vision. Built upon the core principles we introduced, Sysdig Sage offers actionable insights for cloud environments, with a focus on CDR.

2024 Gartner CNAPP Market Guide: Runtime insights is a core pillar of cloud-native application protection platforms

As organizations continue to look for consolidated platforms to address their security needs, an important shift has happened. Customers have discovered that traditional tools focusing exclusively on static risks (such as misconfigurations, policy/control failures, and network exposure) are not enough to address today’s dynamic cloud threats.

Transforming enterprise data from leaky sieve to Fort Knox

Enterprises today face significant challenges in managing, governing, and securing corporate data. Data moves and is shared more ubiquitously than we likely recognize. Through the use of large language models (LLMs), shared with third-party vendors, or exposed on the dark web, there are blind spots that hinder the security and IT teams’ visibility into where data resides and how and by whom it’s accessed.

Introducing Layered Analysis for Enhanced Container Security

Containerized applications deliver exceptional speed and flexibility, but they also bring complex security challenges, particularly in managing and mitigating vulnerabilities within container images. To tackle these issues, we are excited to introduce Layered Analysis — an important enhancement that provides precise and actionable security insights.

Sysdig Threat Research Team - Black Hat 2024

The Sysdig Threat Research Team (TRT) is on a mission to help secure innovation at cloud speeds. A group of some of the industry’s most elite threat researchers, the Sysdig TRT discovers and educates on the latest cloud-native security threats, vulnerabilities, and attack patterns. We are fiercely passionate about security and committed to the cause. Stay up to date here on the latest insights, trends to monitor, and crucial best practices for securing your cloud-native environments.

CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools

The Sysdig Threat Research Team (TRT) continued observation of the SSH-Snake threat actor we first identified in February 2024. New discoveries showed that the threat actor behind the initial attack expanded its operations greatly, justifying an identifier to further track and report on the actor and campaigns: CRYSTALRAY. This actor previously leveraged the SSH-Snake open source software (OSS) penetration testing tool during a campaign exploiting Confluence vulnerabilities.

CVE-2024-6387 - Shields Up Against RegreSSHion

On July 1st, the Qualys’s security team announced CVE-2024-6387, a remotely exploitable vulnerability in the OpenSSH server. This critical vulnerability is nicknamed “regreSSHion” because the root cause is an accidental removal of code that fixed a much earlier vulnerability CVE-2006-5051 back in 2006. The race condition affects the default configuration of sshd (the daemon program for SSH).

Sysdig Customer Care Chronicles - Security Is A Team Sport

For the Sysdig Customer Success team, our mission is simple: ensuring that our customers get the most value from our product. Usually that means helping them use the product, answering questions, and requesting feature enhancements. In our line of work, sometimes you have to throw out the usual playbook to make things happen. This particular story started when we noticed a change in a customer’s agent usage.

Want Your Third Parties To Take Security Seriously?

In the last decade, outsourcing to third parties–especially in the gig economy–has taken over key functions that enterprises used to handle internally. Today’s companies are frequently virtual–using third-party services that span the likes of application development, back-office corporate functions, contract manufacturing and research, marketing, and core IT services.

NIST CSF 2.0 - SDLC for Continuous Improvement of Security

This is an analysis of the impacts and implications on cybersecurity practices, benefits, challenges, and how to deal with the transition to the new NIST CSF 2.0 framework. NIST released an update to its Cyber Security Framework (CSF) in February 2024. Two of the most obvious takeaways from this version are the addition of a new pillar and the expansion of its application beyond critical infrastructure.