Sysdig Announces Intent to Acquire Apolicy
July 20, 2021

Sysdig announced intent to acquire Apolicy to shift security further left and expand the Sysdig offering to include Infrastructure as code (IaC) security.

Sysdig customers secure the DevOps cycle from build through production. Apolicy complements these capabilities by strengthening cloud and Kubernetes security with compliance and governance enforcement via policy as code, auto-remediation of drift to close the loop from production to source, and faster issue resolution with risk-based prioritization.

IaC Security Benefits with Apolicy Acquisition for Sysdig’s Customers:

- Enforce compliance and governance via policy as code from source to production: Apolicy provides the ability to apply consistent policies and best practices across multiple IaC, cloud and Kubernetes environments. Customers can now bridge the gap between developers, DevOps and security teams with a unified view of security requirements using policy as code. Automating compliance by enforcing OPA-based policies via Kubernetes admission controller puts the control back in the hands of the user.

- Auto-remediate drift and close the loop from production to source: With the addition of Apolicy, customers can now detect runtime drift and instantly map it back to the IaC configuration (source) file. This dramatically increases developer productivity by auto-remediating the IaC configuration source with a simple pull-request and allows for enforcing policy consistently across teams.

- Fix issues faster with risk-based prioritization: Consolidating alerts by identifying the production instances that are affected by the IaC error and prioritizing IaC fixes based on application context, allows users to prioritize remediation efforts. Rich application context makes it easy to identify owners who can fix misconfigurations.

The Apolicy team, including the founders Maor Goldberg, CEO, Eran Leib, VP Product Management, and Shlomi Wexler, VP R&D will join the Sysdig team. The Apolicy product offering will be incorporated as part of the Sysdig Secure DevOps Platform.

The Sysdig Secure DevOps Platform addresses the challenges of securing containers, Kubernetes, and public cloud infrastructure. Sysdig is trusted by hundreds of leading enterprises, including Worldpay by FIS, Yahoo Japan, IBM, and JW Player to confidently run modern cloud applications while managing security risks and meeting compliance requirements.

“Most breaches are caused by configuration errors. Our customers want a single platform that detects configuration errors pre-deployment and identifies drift in production,” said Suresh Vasudevan, CEO, Sysdig. “With Apolicy...Sysdig delivers a secure DevOps workflow for infrastructure and workloads and automatically closes the loop from production to source by fixing issues identified at runtime.”

"We founded Apolicy with the purpose of securing Kubernetes from source to production through risk identification, remediation, and policy enforcement," said Maor Goldberg, CEO, Apolicy. “Together we will bring customers one end-to-end cloud native security platform that is built on open source.”

Share this

Industry News

July 29, 2021

Couchbase announced the general availability of Couchbase Server 7.

July 29, 2021

Cycloid has unveiled Infra Import, a tool that automatically reverse engineers Terraform Infra-as-Code (IaC) from manually deployed infrastructure.

July 29, 2021

Launchable closed a $9.5 million Series A investment.

July 29, 2021

Rafay Systems announced automation and monitoring enhancements to its flagship Kubernetes Management Cloud (KMC).

July 28, 2021

Progress announced the R2 2021 release of Progress Telerik Test Studio, the enterprise UI test automation platform.

July 28, 2021

Synopsys announced the availability of new Rapid Scan capabilities within the company's Coverity static application security testing (SAST) and Black Duck software composition analysis (SCA) solutions.

July 28, 2021

Bitdefender announced GravityZone Security for Containers, expanding its cloud workload security (CWS) offering with run-time support for containers and Linux kernel independence.

July 28, 2021

Armory announced Armory Enterprise on AWS Quick Starts, automated reference deployments built by Amazon Web Services (AWS) solutions architects and AWS Partners.

July 27, 2021

Katalon introduced Katalon TestOps, an open and comprehensive test orchestration platform designed to help enterprises scale test automation and streamline DevOps pipelines.

July 27, 2021

Digital.ai achieved Federal Risk and Authorization Management Program (FedRAMP) “In Process” status for an Enterprise Agile Planning (EAP) tool.

July 27, 2021

Aqua Security rolls out the availability of its new Aqua Platform, with a unified console to ease the journey from scanning and visibility to workload protection in cloud native environments.

July 26, 2021

Parallel Agile announced a new version of CodeBot, a low-code MERN stack application generator.

July 26, 2021

Appian unveiled its new Appian Japan regional office.

July 26, 2021

CloudTruth raised $5.25 million in seed funding led by Glasswing Ventures and Gutbrain Ventures, with additional funding from Stage 1 Ventures and York IE.

July 22, 2021

Postman successfully obtained the System and Organization Controls (SOC) 2 Type 2 and SOC 3 Type 2 reports for the Postman API platform, meeting critical industry standards relative to the Trust Services Criteria for security, availability, and confidentiality.