Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Sysdig

AWS threat detection using CloudTrail and Sysdig Secure

Implementing AWS threat detection with Sysdig Secure takes just a few minutes. Discover how to improve the security of your cloud infrastructure using AWS CloudTrail and Sysdig Cloud Connector. With the rise of microservices and DevOps practices, a new level of dangerous actors threatens the cloud environment that governs all of your infrastructure. A malicious or inattentive cloud API request could have a sizable impact on availability, performance, and last but not least, billing.

Securing and Monitoring AWS Container Services

Developers, operations, and security teams must work together to address key workflows to secure and monitor containers, Kubernetes and cloud services across the entire cloud-native lifecycle. By addressing mage scanning, runtime security, and compliance, along with monitoring for Kubernetes, container, applications, and cloud services you can automate protection and performance management to accelerate cloud adoption.

Manage AppArmor profiles in Kubernetes with kube-apparmor-manager

Discover how Kube-apparmor-manager can help you manage AppArmor profiles on Kubernetes to reduce the attack surface of your cluster. AppArmor is a Linux kernel security module that supplements the standard Linux user and group-based permissions to confine programs to a limited set of resources. AppArmor can be configured for any application to reduce its potential attack surface and provide greater in-depth defense.

Detecting CVE-2020-14386 with Falco and mitigating potential container escapes

On September 14, CVE-2020-14386 was reported as a “high” severity threat. This CVE is a kernel security vulnerability that enables an unprivileged local process to gain root access to the system. CVE-2020-14386 is a result of a bug found in the packet socket facility in the Linux kernel. It allows a bad actor to trigger a memory corruption that can be exploited to hijack data and resources and in the most severe case, completely take over the system.

Secure and monitor AWS Outposts and hybrid clouds

Today we announced that Sysdig has demonstrated successful integration of our monitoring and security software with AWS Outposts and achieved the AWS Outposts Ready designation. AWS Outposts provides a fully managed service that extends AWS infrastructure, services, APIs, and tools to your datacenter, co-location space or “edge” location to support on-prem and hybrid cloud use cases. AWS Outposts provides a hardware and software stack built on Amazon’s EC2 public cloud expertise.

Secure and monitor your containers on Bottlerocket from AWS

Sysdig is pleased to support AWS today in their GA launch of Bottlerocket, a special-purpose operating system designed for hosting Linux containers. Orchestrated container environments run potentially hundreds of compute nodes. Operating general-purpose Linux on container hosts introduces complexity for IT teams who must patch and update packages across their clusters. Worse, features and packages that are not necessary for running containers, introduce unnecessary security exposure.

Sysdig 2020 Container Security Snapshot: Key image scanning and configuration insights

Today, we are excited to share our Sysdig 2020 Container Security Snapshot, which provides a sneak peak into our upcoming 2020 Container Usage Report As containers and Kubernetes adoption continue to increase, cloud teams are realizing they need to adopt a new workflow that embeds security into their DevOps processes. Secure DevOps, a variation of DevSecOps, embeds security and monitoring throughout the application lifecycle, from development through production.