Sysdig announced ToDo,
an actionable checklist showing prioritized risks, and Remediation Guru,
guided remediation at the source. This is the industry's first
cloud security posture management (CSPM)
offering that aggregates security findings by root cause and
prioritizes remediation based on impact. ToDo saves time during
investigations and Remediation Guru allows security and DevOps teams to
fix issues in seconds with just a few clicks.
Organizations
often have hundreds of cloud accounts and services spread across
multiple cloud environments. They are automating deployment of cloud
services using Infrastructure as Code (IaC). If the IaC template has a
configuration error, the same error is often replicated across cloud
environments, generating multiple alerts and overwhelming security
teams.
Compounding
the problem, policies and controls often cannot be applied across
environments. This results in inconsistent policies across the
organization for different parts of the software delivery pipeline. The
lack of agnostic controls across the technology stack increases
management complexity.
With
Sysdig, security teams can rapidly find, prioritize, and remediate
security issues. ToDo aggregates risks that have the same root cause and
provides opinionated prioritization that reduces time spent on
investigation. However, teams not only need help identifying the risks
and focusing their attention on what matters, but they also need
assistance implementing the fixes. Remediation Guru automatically
generates the suggested change to IaC templates that can be applied with
a single click so teams can get back to revenue-generating work.
Because Sysdig has a shared policy model, teams can efficiently and
consistently enforce policy across multiple cloud and Kubernetes
environments.
Key Benefits
- Manage cloud and Kubernetes inventory with a single view: Teams gain visibility into cloud assets across hybrid- and multi-cloud environments.
- Prioritize what matters with ToDo: ToDo prioritizes actions that remediate the greatest number of issues by consolidating based on root cause and impact.
- Save time using Remediation Guru to fix configuration risks: Remediation
Guru enables teams to fix at the source by approving automatically
generated pull requests that map misconfigurations in production to IaC
manifests.
- Adopt a shared policy model leveraging OPA: Sysdig
helps teams apply security policies using Open Policy Agent (OPA)
policy-as-code once across multiple cloud and Kubernetes environments.
Teams get a unified view of security requirements from source to
production, and can easily create custom OPA-based policies with a few
clicks.
"It
is the worst kept secret in cloud that security tools often overwhelm
teams with useless alerts that are not actionable," said Omer Azaria,
Vice President Security Engineering at Sysdig. "Customers cannot wait to
get their hands on ToDo prioritization and Remediation Guru, tools that
group issues and guide you to take the most impactful actions to
improve security posture. For example, 'making this change to your IAC
manifest file will cause 100 resources to pass a failing compliance
control.'"
Availability
Remediation
Guru is available as a tech preview to all Sysdig Secure customers.
ToDo is available on request. New customers gain access to ToDo and
Remediation Guru when purchasing Sysdig Secure.