Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sysdig

Reduce resolution time for container vulnerabilities with ServiceNow & Sysdig

Today, security and development teams are drowning in vulnerabilities. Most security tools identify issues, but don’t provide reliable prioritization or simplify remediation. To help solve these challenges, Sysdig runtime vulnerability management – part of Sysdig’s Cloud Native Application Protection Platform (CNAPP) – provides a runtime image scanner coupled with an eBPF probe to analyze container behavior and identify the vulnerable packages that are in use at runtime.

Sysdig Live: Are you prepared for the new SEC Cyberattack Disclosure Guidelines?

🚨�������� �������������� ���� ����������������! 🚨 �������� ������������ ������ �������� ���� ���������� �������� �������� ������ �������� �������� ��������? ⏳ Join us for an upcoming Sysdig Live featuring a panel discussion between industry experts Matt Stamper, CIPP/US, CISA, CISM, CRISC, CDPSE, QTE (CEO, Executive Advisors Group, LLC), Karen Walker (CFO, Sysdig), and Michael Isbitski (Director of Cybersecurity Strategy, Sysdig), as they unpack the upcoming SEC guidelines on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure.

Proxyjacking has Entered the Chat

Did you know that you can effortlessly make a small passive income by simply letting an application run on your home computers and mobile phones? It lets others (who pay a fee to a proxy service provider) borrow your Internet Protocol (IP) address for things like watching a YouTube video that isn’t available in their region, conducting unrestricted web scraping and surfing, or browsing dubious websites without attributing the activity to their own IP.

How to Detect SCARLETEEL with Sysdig Secure

The recent SCARLETEEL incident highlights the importance of detecting security threats early in the development cycle. With Terraform state files, attackers can easily access sensitive information and gain unauthorized access to your cloud infrastructure. In this case, the attackers exploited a containerized workload and used it to perform privilege escalation into an AWS account, stealing software and credentials.

CSI Container: Can you DFIR it?

Do you like detective series? Have you ever thought about them actually taking place in cybersecurity? What do you think of CSI on containers? Are you interested in how to apply Digital Forensics and Incident Response (DFIR) to containers and clusters? If all your answers are YES, you will love this article. The CloudNative SecurityCon occurred in early February 2023, where leading security experts gathered to present their latest research and projects.

SANS Cloud-Native Application Protection Platforms (CNAPP) Buyers Guide

The SANS Cloud-Native Application Protection Platforms (CNAPPs) Buyers Guide gives companies a deep dive into what to look for in a CNAPP solution. As organizations continue to shift towards integrated platform-based solutions for their cloud security needs, it becomes critical to evaluate whether a CNAPP solution meets all the requirements across use cases like posture management, permissions management, vulnerability management, and threat detection and response.

Guidelines: How to reduce the noise of Falco rules in Sysdig Secure

Rule tuning is one of the most important steps during the definition of the security posture. With the detection rules, it’s impossible to use a “one fits all” approach: every customer has a unique environment, with its peculiarities and business needs. So, when a new rule is released it’s crucial to understand the security use case behind the detection and reduce the false positives (FP) as much as possible. The Threat Research Team constantly checks if noise occurs.

What is Digital Forensics Incident Response? | Security Expert Reacts to DFIR

Digital Forensics and Incident Response? (DFIR) is the cybersecurity field that defines the process and the best practices to follow in order to deal with a cyber attack or a security breach. Join Miguel, a security expert watching a video about a cyber detective investigating a kubernetes breach, and find out what the culprit was!

Terraform Security Best Practices

Terraform is the de facto tool if you work with infrastructure as code (IaC). Regardless of the resource provider, it allows your organization to work with all of them simultaneously. One unquestionable aspect is Terraform security, since any configuration error can affect the entire infrastructure. In this article we want to explain the benefits of using Terraform, and provide guidance for using Terraform in a secure way by reference to some security best practices. Let’s get started!

Chaos Malware Quietly Evolves Persistence and Evasion Techniques

The name Chaos is being used for a ransomware strain, a remote access trojan (RAT), and now a DDoS malware variant too. Talk about chaos! In this case, Sysdig’s Threat Research Team captured attacks using the Chaos variant of the Kaiji botnet malware. There is very little reported information on this malware since September 2022, perhaps because of the unfortunately chaotic naming, or simply because it is relatively new. Kaiji malware was of Chinese origin in 2020 and is written in Golang.