Sysdig announced
the Sysdig Cloud-Native Visibility and Security Platform
(VSP) 2.0. This new release provides enterprises with the first and
only unified view of the risk, health, and performance of their cloud-native
environments. With this rich-data platform, service owners, DevOps, and
security teams have access to a single source for performance metrics,
compliance dashboards, security events, and more to eliminate risk and resolve
problems fast. Sysdig fills the cloud-native visibility gap that emerged
because legacy security and performance products are blinded by cloud-native
architectures.
The
Sysdig Visibility and Security Platform 2.0: A New Look at Cloud-Native Data
Enterprises
have struggled in the transition to production because they need vast amounts
of data and context to understand if their Kubernetes-based microservices are
running reliably and securely. Each team involved in operating services -
service owners, DevOps, and security teams - previously relied on their own set
of isolated tools to get a narrow view of their environment.
With
Sysdig VSP 2.0 these issues are eliminated with a single, comprehensive view of
the enterprise environment which provides risk, health, and performance data
across thousands of clusters for many thousands of microservices.
According
to a new report by analysts at 451 Research, "Tools that were designed for
monolithic applications running on a relatively simple, vertical stack no
longer suffice in increasingly complex environments, comprised of containers,
microservices, third-party services, and multiple clouds. The modern,
cloud-native world requires an entirely new perspective, enabled by new
organizational models and tools designed to deliver visibility into this
dynamic environment."
451
Report: "A Single Source of Truth for Cloud-Native Development,
Operations and Security."
"We
work daily with the world's largest financial institutions, government
organizations, and media companies. They are all looking for ways to embrace
DevSecOps to break down the communication and cost inefficiencies among team
silos," said Payal Chakravarty, vice president of product management at Sysdig.
"Based on their feedback, we created Platform 2.0 to
analyze thousands of microservices and dynamically highlight the ones that have
performance or security issues that need immediate attention. With a single,
operational view to surface performance, compliance, vulnerabilities, and
policy data, users are able to triage issues faster, reduce alert noise, and
gain massive operational efficiency."
Using
the Overview App on Sysdig's platform, an enterprise can get an aggregated view
of this information tuned to different use cases:
- Service owners can
ensure that they are shipping reliable, compliant, and vulnerability-free
code pre-production, while understanding the performance of their code in
production and whether bottlenecks are slowing downstream services.
- Platform operations and
DevOps teams can ensure services are performing well while managing
capacity allocation, infrastructure performance, and compliance across all
clusters.
- Security teams can get a
single, comprehensive view into vulnerability management, compliance, and
run-time policy violations.
This
overview then provides deep contextual information that allows users to dive
deep into Sysdig Secure and Sysdig Monitor to analyze performance metrics,
compliance dashboards, security forensics, and more to isolate and remediate
problems faster than ever before.
Enterprise
Scale and Control
As
enterprises rapidly embrace a cloud-native architecture, they require a level
of scale not provided by legacy vendors or existing niche container tooling.
With
VSP, Sysdig further scales and simplifies the act of instrumenting, collecting,
and storing the granular data required to secure and manage containerized
microservices. Alongside this data lives two orders of magnitude more
contextual information, for which Sysdig has designed its system to handle
natively:
- A single agent based on
the extended Berkeley Packet
Filter (eBPF) to collect context-rich and deep performance
and security data from hosts, containers, orchestrators, network, process,
and files across clouds.
- A single, horizontally
scalable data platform that ingests, analyzes, and provides operational
insights across billions of data points.
- Multi-cloud design that
allows Sysdig to run anywhere while securing applications across many
clouds.
- Reduce operational
overhead by 67 percent or more by eliminating the need for multiple tools.
- Enterprise controls such
as Lightweight Directory
Access Protocol (LDAP) and service-based access controls.
"By
taking advantage of cloud-native architectures, enterprises can right many of
the wrongs of legacy technology," said Loris Degioanni, founder and chief
technology officer of Sysdig. "Sysdig's contribution is closing the visibility
gap with a single platform that unifies performance and security data with all the
context needed for highly distributed, ephemeral microservices. We've unlocked
all this data for any use case, and we did it while reducing the
instrumentation tax that enterprises are used to paying for safety and
security."
Sysdig
built its platform with an open core, leveraging Falco, Prometheus, and Sysdig
Inspect as core cloud-native building blocks for its enterprise-class product.
Continued
Embrace of the Kubernetes Ecosystem
Sysdig's
history of supporting the Kubernetes and cloud-native ecosystem goes back to
2015. With VSP, Sysdig extends its leadership position in making Kubernetes
even friendlier for the enterprise.
Key
new Kubernetes-related features include:
- Enhanced Kubernetes
monitoring and security with new out-of-the-box dashboards for capacity
planning, control plane health and compliance trends, new default alerting
rules, Kubernetes benchmark results, out-of-the-box Kubernetes audit
policies, and integration with Kubernetes admission controllers.
- Support for new runtimes
such as CRI-O and containerd.
- A topological view that
dynamically understands Kubernetes orchestration, combining compliance
violations, network connections, and performance metrics to provide a more
holistic infrastructure status.
- The ability to use
Kubernetes metadata to search, correlate, and scope events to narrow down
root cause or assess risk profiles.
- Downstream integration
forwards events to security
information and event management (SIEM) tools such as Splunk.
Availability
A
preview version of VSP 2.0 will be released next month. Sysdig products are
priced per host secured and monitored. Pricing starts at $30/host/month, billed
annually.