Sysdig, Inc., the cloud-native intelligence company, introduced today Sysdig Secure 2.0,
the most powerful way for enterprises to secure containers and
microservices. The latest version adds vulnerability management, more
than two hundred compliance checks, and security analytics. The Sysdig
Cloud-Native Intelligence Platform is the only technology to offer
unified security, monitoring, and forensics for containers and
microservices, giving users a robust view of the health and risk
profiles of their cloud-native applications.\
Development
today is more rapid, dynamic, and distributed, with pressure to build
and adapt to change as quickly as possible. Security is often left until
later in the cycle, leading to vulnerabilities after going into
production. Sysdig Secure's vulnerability management capabilities help
organizations bring application security, compliance, and quality closer
to the developer. Sysdig Secure ensures that as companies scale, their
security scales at the same rate, allowing DevOps to deploy knowing all
images and containers are vulnerability free, the microservices are in
compliance, and they can defend their applications from compromise.
"If
you're moving into the cloud, there's so much about the process, the
people, and the organization you need to change," said Nicolas Kramer,
infrastructure team product owner, Quby. "The way Sysdig delivers
security means we have one thing less to worry about."
Vulnerability Management
- Static image scanning - Sysdig
Secure 2.0 can parse container images and identify vulnerable packages,
libraries, and configurations before a deployment, ultimately enabling a
more secure environment and driving consistent processes across
development teams.
- CI/CD integrations - Sysdig
Secure 2.0 adds a native Jenkins plugin, which adds a Sysdig Secure
step to the CI pipeline and enables companies to automate container
image scanning. With each fail build, the system automatically evaluates
the image against policy and forces compliance before an image
progresses in the pipeline.
- Quarantine or kill vulnerable images - Sysdig
Secure 2.0 can take actions like killing or quarantining a container if
vulnerabilities or exposed credentials are found, reducing the risk of a
security breach.
- Runtime vulnerability management and scanning - Sysdig
Secure 2.0 manages, tracks, and updates vulnerability data for
containers in production. Sysdig Secure 2.0 also enriches it with
Kubernetes metadata to provide context when fixing vulnerabilities
across distributed applications.
Compliance
Sysdig
Secure 2.0 eases the pain of measuring and enforcing compliance across a
distributed environment through compliance controls, audit checks,
policies, and results. Sysdig automatically scans the infrastructure
with requirements based on Center for Internet Security (CIS)
configurations and hardening benchmarks. Sysdig allows users to scope
and schedule Docker and Kubernetes benchmarks to measure and maintain
compliance.
Security Analytics
Effective
container runtime security hinges on security response teams being able
to quickly detect, analyze, and respond to security threats on live
containers - from detection, to remediation, to forensics. Sysdig Secure
2.0 provides rich metrics about events, compliance, and vulnerabilities
over time, enabling deeper analytics and a better understanding of the
environment. Security metrics tied back to containers, images, hosts,
and Kubernetes entities enable users to easily determine how different
organizations, applications, and services are trending in the security
posture.
"Due
to the newness of containers and the dynamic environment, container
security for cloud-native applications poses several new challenges,"
said Loris Degioanni, CTO and founder, Sysdig. "Sysdig Secure 2.0
ensures that developers, operations, and risk professionals have a
single source of intelligence to monitor and secure their applications."
Availability
Sysdig Secure is available as a standalone technology or as a part of the unified Sysdig Cloud-Native Intelligence Platform, which includes Sysdig Monitor.
Sysdig Secure 2.0 is currently available as a private beta. For
information on Sysdig, specifications, a demo, and other offerings,
visit www.sysdig.com.