Sysdig announced a 5-minute setup for
the Sysdig Secure DevOps Platform, a fast path to delivering container
and Kubernetes security and visibility with a SaaS-first offering. In
the first five minutes, the Sysdig agent
is installed, dashboards are ready to go, and visibility into
vulnerability, threats, and compliance issues are available. In this
time, cloud teams can activate the five essential workflows required
to securely operate cloud-native workloads. The workflows include image
scanning, Kubernetes and container monitoring, application and cloud
service monitoring, runtime security, and compliance. The latest release
by Sysdig helps organizations of all sizes get results quickly and
efficiently by giving customers guided onboarding as well as
out-of-the-box dashboards and integrations. Sysdig also announced today a
new Sysdig Essentials pricing tier, delivered as a SaaS solution, which
packages these five core workflows for secure DevOps.
As
cloud adoption matures, organizations are realizing that in order to
ship applications faster, they need to incorporate image scanning,
runtime security, and compliance, along with monitoring containers,
applications, and services into their DevOps process. However, the
reality is, organizations delay investments in security, compliance, and
monitoring as they fear it slows application deployment. As a result,
teams are forced into a reactive mode when performance and availability
issues impact applications in production. When customers or internal
risk management teams require proof of security risk management,
regulatory compliance, or worse, if a data breach occurs, organizations
have to scramble.
By
adopting a secure DevOps approach and turnkey tooling, organizations
can address visibility, security, and compliance requirements without
slowing down the release process. A best practice is using image
scanning that integrates directly into registries and the CI/CD pipeline
to efficiently manage risk. An analysis by Sysdig in June 2020 found
that more than half of the common vulnerabilities and exposures (CVE)
found in non-OS packages contain a CVE rating of "high" to "critical."
Images running as root is another risk that image scanning can identify.
The same analysis by Sysdig found that 58 percent of images scanned run
as root, indicating configuration issues that increase risk.
"Organizations
benefiting from migrating IT operations to public clouds need to
thoroughly review their security operations before releasing any new
code. Much of the microservices development is new. Code management
skill gaps exist and blindly releasing new functional capabilities will
likely introduce new vulnerabilities," said Frank Dickson, program vice
president, cybersecurity products, IDC.
A faster path to visibility, security, and compliance with curated workflows for cloud environments
Sysdig
is focused on making it easier to get started using a secure DevOps
workflow for container and Kubernetes environments. With the
announcement today, Sysdig simplifies onboarding for the most critical
security, compliance, and monitoring functions. Sysdig adds guided
onboarding, turnkey workflows, and pre-built integrations, policies, and
dashboards that reduce the time it takes for DevOps teams to get
insights. By helping shorten the time to value and setting a new bar for
onboarding efficiency, enterprises can rapidly meet key security,
compliance, and availability requirements across their various container
and Kubernetes environments.
The five essential workflows for secure DevOps
- Image scanning: Organizations
can manage security risk by finding and fixing vulnerabilities and
misconfigurations early in the DevOps process through image scanning.
Sysdig continuously scans images both within registries and CI/CD
pipelines and during production. This saves time by uniquely mapping
vulnerabilities to Kubernetes-based applications.
- Runtime security: Using
Falco, Sysdig enables organizations to detect threats at runtime
without impacting performance. Falco is the open source Kubernetes
runtime security project created by Sysdig and now a Cloud Native
Computing Foundation project.
- Compliance: Passing compliance audits can be time consuming and failing is costly. Organizations can continuously validate using out-of-the-box rules mapped against common compliance frameworks including PCI, NIST, and CIS.
- Kubernetes and container monitoring: With
Sysdig, cloud teams receive automatic alerts and detailed health and
performance information, including golden signals for clusters,
deployments, namespaces, and workloads. Deep visibility into container
activity enriched with cloud and Kubernetes context allows teams to
manage the complexity that is a reality in a containerized ecosystem.
- Application and cloud service monitoring with full Prometheus compatibility: By
leveraging native support for PromQL and Prometheus metrics, DevOps
teams can use the industry standard their developers prefer, without
running into scaling challenges. Out-of-the-box dashboards display
metrics from cloud services, databases, and other key components in
their application environment.
Sysdig
offers five additional workflows, which include advanced
troubleshooting, machine learning-based anomaly detection, threat
prevention, incident response and forensics, and extended compliance
controls. The advanced enterprise workflows include specialized
capabilities that yield greater efficiency for DevOps teams. Once a
cloud team has implemented the basics, they can move to more advanced
workflows that further strengthen security and resilience.
Single source of truth across development, DevOps, and security
The
Sysdig Secure DevOps Platform is the only unified security and
monitoring platform. With a single source of truth, Sysdig eliminates
silos of information between development, DevOps, and security teams.
With this approach, organizations can resolve issues quickly by
analyzing granular system data automatically correlated to cloud and
Kubernetes context.
In
light of shifting global dynamics, platform tools that combine use
cases have moved to the forefront of IT priorities in an effort to help
organizations control costs and improve efficiency. Sysdig enables
organizations to quickly address security, monitoring, and compliance
with a single tool and simple set up and onboarding.
New Sysdig Essentials tier as part of the SaaS offering covers core workflows
In
addition to the essential workflows introduced today, the latest Sysdig
release includes the Sysdig Essentials pricing tier for organizations
looking to start with the essential use cases. The Sysdig Essentials
tier provides a simplified on-ramp to a secure DevOps approach.
The
Sysdig Essentials tier is offered as SaaS only, whereas the enterprise
tier of the Sysdig Secure DevOps Platform is offered on-prem and as a
SaaS deployment. SaaS provides faster adoption, more efficient
management, and offers organizations security, compliance, and
monitoring at a lower cost. The new tier starts with a 14-day free
trial. All Sysdig products and tiers are priced per host/month. Full
pricing can be found on the Sysdig pricing page.
Availability
The
essential and advanced enterprise workflows for secure DevOps are
available now to all current customers and new customers. The Sysdig
Essentials pricing tier is available to new customers today.