The Gartner 2021 Hype Cycle for Cloud reports 99% of breaches start with cloud misconfigurations. Thus, having a philosophy of protecting just traditional endpoints – servers, laptops, desktop PCs, and mobile devices – with EDR (Endpoint Detection and Response) software is not enough. Sysdig has teamed up with multiple security organizations in the cloud security ecosystem to offer comprehensive security solutions.

Calico has recently introduced a powerful new policy recommendation engine that enables DevOps, SREs, and Kubernetes operators to automatically generate Calico policies to implement namespace isolation and improve the security posture of their clusters.

As modern software becomes increasingly cloud-based and containerized, application security tools must adapt to meet new challenges and provide security coverage across the software development lifecycle (SDLC). The use of container platforms like Docker and orchestration tools like Kubernetes inherently solves some security concerns – but containers are not without risk, and can even inject some new risks into your organization’s software.

Organizations modernizing applications in the cloud find themselves drowning in vulnerabilities. There are too many alerts and not enough time to address them all. Sysdig and Checkmarx announced a partnership today focused on solving this problem.

You will learn how to use the Enterprise OPA Enhanced Decision Logs feature to configure Enterprise OPA (EOPA) to upload decision logs to an AWS S3 bucket so that they can be queried using AWS Athena. In mid to large sized deployments of EOPA, immense quantities of decision logs can be generated, necessitating big data tools such as Athena. This can be useful for security breach auditing, auditing access decisions, and for business intelligence in general.

Kubernetes has become one of the most popular platforms for running cloud-native applications. This popularity is due to several factors, including its ease of use and ability to handle stateless applications. However, running stateful applications, such as databases and storage systems, on Kubernetes clusters is still debatable. In other words, does Kubernetes and its containerized ecosystem provide a solid and reliable infrastructure to run such critical applications?

The migration to microservice architecture from monolithic applications is happening en masse as enterprises realize its scalability and efficiency benefits. According to an IBM report1, 56% of nonuser organizations plan on adopting the microservice architecture by 2023. Breaking an application into small, loosely coupled services lets independent teams quickly design and deploy these components.

The microservices architecture provides developers and DevOps engineers significant agility that helps them move at the pace of the business. Breaking monolithic applications into smaller components accelerates development, streamlines scaling, and improves fault isolation. However, it also introduces certain security complexities since microservices frequently engage in inter-service communications, primarily through HTTP-based APIs, thus broadening the application’s attack surface.

Let’s say you’ve built a PHP application, but you want to separate it from supporting infrastructure in a way that keeps things lightweight, portable, and still quite secure. You’d like other developers to be able to work on it without having to recreate whole environments. In short, what you want to do with your application is containerize it — package it and its dependencies into containers that can be easily shared across environments.