Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

It is important that enterprises comply with audits. They help build trust in many of society’s most foundational organizations by creating transparency, accountability, and improving business practices. At the same time, enterprise scale compliance is really hard to get right.

Effectively responding to cloud security incidents can be daunting for organizations expanding rapidly in the cloud. Whether you face a policy violation or an active threat, quick and reliable alerting and response are essential to keeping cloud services secure and available. For many organizations, Sysdig and PagerDuty each play a critical role in automating DevSecOps and helping modern IT operations and security teams respond effectively.

On March 14, 2025, StepSecurity uncovered a compromise in the popular GitHub Action tj-actions/changed-files. Tens of thousands of repositories use this action to track file changes, and it is now known to have been tampered with, posing a risk to both public and private projects. A CVE has been created for this issue: CVE-2025-30066.

We recently had a prospect that wanted to test our image and application recover capabilities, in a multi-cloud architecture. Currently they were using an internal OpenShift image registry to store their images, and they wanted/needed to migrate all their applications to a new cluster, and also wanted to use Red Hat’s quay.io to store the images from now on. This proved a very easy task for Trilio, as when we protect applications, we also protect the images.

The Shadowserver group recently identified over 41,500 internet-exposed VMware ESXi hypervisors vulnerable to CVE-2025-22224, a critical Time-of-Check Time-of-Use (TOCTOU) code execution attack. The attackers who gain administrative access to a compromised VM can exploit this flaw to execute arbitrary code on the hypervisor, gaining full control over all hosted VMs and networked assets. Broadcom released emergency patches for ESXi and Workstation products to remediate the flaw.

Sysdig’s 2025 Cloud-Native Security and Usage Report identifies promising trends in how organizations are developing, using, and maintaining everything within their cloud environments. The eighth annual report shares the results of an analysis of millions of containers and cloud accounts. This year’s findings reveal several key areas that have improved, including cloud threat detection and response, AI security, and vulnerability management.

In the rapidly evolving world of Kubernetes, network security remains one of the most challenging aspects for organizations. The shift to dynamic containerized environments brings challenges like inter-cluster communication, rapid scaling, and multi-cloud deployments. These challenges, compounded by tool sprawl and fragmented visibility, leave teams grappling with operational inefficiencies, misaligned priorities, and increasing vulnerabilities.

In today’s technology landscape, security leaders often find themselves under immense pressure: their resource-constrained teams are expected to mitigate growing risks, navigate complex infrastructures, and implement best practices, all while justifying their value to executive leadership.

You want to know the real answer to two questions about Docker security.