Sysdig Enhances Cloud-Native Intelligence Platform
March 05, 2019

Sysdig announced new features for its Cloud-Native Intelligence Platform focused on helping enterprises transition to containers, reduce security risks, increase compliance posture, and improve DevOps efficiency.

Sysdig extends compliance metrics and the Kubernetes audit events to a monitoring dashboard. Furthermore, compliance data will be available by default for all Sysdig customers, whether they are using Sysdig Monitor, Sysdig Secure, or the entire Sysdig Platform. With these added features, enterprises gain visibility into the performance, health, and compliance posture of their Kubernetes environment at a depth that no other cloud-native visibility or security solution can provide.

Today’s enhancements also add long-term compliance trending and dashboarding for Kubernetes and OpenShift environments and out-of-the-box frameworks for National Institute of Standards and Technology (NIST) 800-190 and PCI compliance standards. With Snyk integrations, Sysdig adds enhanced vulnerability management. This release also introduces Security Information and Event Management (SIEM) enrichment capabilities and guided compliance remediation. These out-of-the-box frameworks, integrations, and guided remediation allow customers to quickly and efficiently enforce and adhere to various compliance and security standards across their OpenShift and Kubernetes environments.

“By combining security and visibility data, we are giving enterprises a deeper, clearer view inside their containers. Unified data that supports both security and DevOps teams encourages better communication and ultimately improves DevOps efficiency. With this new product release, we accelerate enterprises’ ongoing transition to containers by giving them the rich data they need to monitor application health, ensure compliance, and reduce the risk of an attack on the environment,” said Loris Degioanni, CTO and Founder of Sysdig.

Key Customer Benefits

- Support for New Compliance Frameworks: By adding out-of-the-box NIST 800-190 and PCI bundles, enterprises have confidence knowing their containers and images meet specific compliance standards. NIST 800-190 and PCI scanning policies can be leveraged pre-deployment to scan images early in the CI/CD pipeline and can also be used to assess whether images running in production are compliant. In the event images no longer meet compliance, DevOps and security teams will be alerted.

- Guided Remediation for Compliance: In the event of a Center for Internet Security (CIS) Kubernetes and Docker benchmark configuration drift, users can leverage guided remediation tips in Sysdig to apply best practices for maintaining compliance, saving security professionals time when issues arise.

- New Compliance Dashboards: Sysdig users will have access to more than 90 compliance metrics. By extending compliance to Sysdig’s monitoring dashboards, DevOps have access to more information for better decision making and they can quickly visualize patterns and trends in their compliance posture.

- New Kubernetes Audit Dashboards: In December, Sysdig released Sysdig Secure 2.2, the first cloud-native security technology to tap the Kubernetes audit policy to create an additional feed of events. Sysdig has turned these events into metrics that give customers the ability to see long-term compliance posture trends in customizable dashboards, making is easier and quicker to ensure compliance.

- SIEM Enrichment Capabilities: Sysdig is able to reduce alert fatigue by providing Security Operations Center (SOC) analysts the ability to prioritize alerts based on Sysdig triggered events. With this prioritization, DevOps teams will be able to better judge what warrants their attention and ultimately save time.

- Enhanced Vulnerability Management with Snyk Integration: Sysdig ingests Snyk feeds to provide visibility into vulnerabilities for non-OS based packages, including Python, NPM, and Ruby to surface and bring attention to dependencies sooner, enabling DevOps to fix vulnerabilities before they are exploited.

Share this

Industry News

November 13, 2019

Testim introduced the Testim Development Kit, a new way for developers to quickly create resilient tests directly in code.

November 13, 2019

Rollbar announced an error monitoring solution for Salesforce’s Apex platform.

November 13, 2019

StackRox announced version 3.0 of the StackRox Kubernetes Security Platform.

November 12, 2019

VMware announced rapid advancement of VMware Tanzu, a new portfolio of products and services designed to transform the way enterprises build, run and manage software on Kubernetes.

November 12, 2019

SmartBear released ReadyAPI 3.0. This latest release addresses the increasing requirement for organizations to consistently deliver high-quality APIs in order to meet accelerated business demands within compressed release cycles.

November 12, 2019

Aqua Security announced its expansion into cloud security posture management (CSPM) with its acquisition of CloudSploit.

November 07, 2019

To help developers increase the speed and quality of their SQL coding, enhance efficiency, and take advantage of the latest improvements in SQL Server, Redgate has released a major upgrade for its most popular tool, SQL Prompt.

November 07, 2019

CloudBees announced a partnership with Atos and VMware surrounding a solution to help customers adopt DevOps best practices at scale on Atos’ recently announced Atos Digital Hybrid Cloud (DHC) powered by VMware Tanzu and CloudBees cloud native continuous integration/continuous delivery (CI/CD) enterprise solution.

November 07, 2019

Fugue announced the release of the Fugue Best Practices Framework to help cloud engineering and security teams identify and remediate dangerous cloud resource misconfigurations that aren’t addressed by common compliance frameworks.

November 06, 2019

Red Hat and the Quarkus community announced Quarkus 1.0.

November 06, 2019

Copado announced its Winter 20 release to provide Salesforce customers the fastest path to continuous innovation.

November 06, 2019

Applause announced its new solution for AI training and testing.

November 05, 2019

Broadcom announced an expanded collaboration with Infosys to help SAP customers mitigate risks and costs associated with the upgrade to SAP’s next-generation enterprise resource planning application, S/4HANA.

November 05, 2019

Opsani AI is now generally available for services providers running on Microsoft's Azure cloud computing platform.

November 05, 2019

Wind River announced the release of its latest version of Wind River Simics.