San Francisco, CA, USA
Oct 13, 2021   |  By Alba Ferri
The ISO 27001 certification can make a difference when your business is tied with deploying cloud-native applications. Providing relevance and credibility in front of potential customers will show that your company takes security seriously, ensuring the client’s trust. We previously covered other compliance frameworks in our blog, like GDPR, HIPAA, NIST, and SOC 2. Those frameworks also show a strong commitment to security best practices.
Oct 12, 2021   |  By Álvaro Iradier
Sticking to container security best practices is critical for successfully delivering verified software, as well as preventing severe security breaches and its consequences. According to the 2020 CNFC Survey, 92 percent of companies are using containers in production, a 300 percent increase since 2016. Thus, Kubernetes, Openshift, and other container technologies are present everywhere. But aren’t containers meant to be safe and isolated? Well, kind of.
Sep 30, 2021   |  By Dan Papandrea
There is a lot of information out there (and growing) on software supply chain security. This info covers the basics around source and build, but does it cover all of your full software supply chain lifecycle? Is your build env at runtime protected? Is your application post deploy protected at runtime? This article will not only discuss what these concepts are, but provide additional discussions around the following: Read on brave reader…
Sep 28, 2021   |  By Eric Carter
Google Cloud is helping businesses build and deploy apps faster than ever before, but at the same time, cloud teams must consider how to implement secure DevOps practices to avoid risk. We’re partnering with Google Cloud to provide security solutions to cloud teams to simplify safeguarding cloud and containers. Today, we announced our collaboration with Google Cloud.
Sep 28, 2021   |  By Alejandro Villanueva
You’ve got a problem to solve and turned to Google Cloud Platform to build and host your solution. You create your account and are all set to brew some coffee and sit down at your workstation to architect, code, build, and deploy. Except… you aren’t. There are many knobs you must tweak and practices to put into action if you want your solution to be operative, secure, reliable, performant, and cost effective.
Sep 24, 2021   |  By Alberto Pellitteri
CVE-2021-25741 is a new vulnerability discovered in Kubernetes that allows users to create a container with subpath volume mounts to access files & directories outside of the volume, including the host filesystem. It was disclosed in September 2021 and affects kubelet, which is the node agent that runs on each Kubernetes node. In particular CVE-2021-25741 affects kubelet in these Kubernetes versions.
Sep 16, 2021   |  By Omer Azaria
Network segmentation is almost as old as computer networking. The evolution of network segmentation went through switches to routers and firewalls, and as modern networks evolved, the ability to better control traffic by operating system native functionality evolved as well. Native controls like IP Tables became lingua franca, alongside access control lists, process isolations, and more. Native controls are not a new concept.
Sep 9, 2021   |  By Alba Ferri
HIPAA compliance law, the Health Insurance Portability and Accountability Act in long form, is one of the compliance standards the public and private healthcare companies need to address for building and maintaining public trust in telemedicine. During the COVID-19 pandemic, telemedicine has been the solution to withstand the excess influx to hospitals and health centers, avoiding unnecessary exposure of patients.
Sep 8, 2021   |  By Eric Carter
Amazon EKS Anywhere is a new deployment option for Amazon Elastic Kubernetes Service that lets you create and operate Kubernetes clusters on-premises. With it, you can run containerized workloads in whatever location best serves your business. Carefully considering what’s needed for security will help you reduce risk and safeguard against potential threats.
Sep 1, 2021   |  By Daniella Pontes
In this blog, you will learn how monitoring data from your Kubernetes environments can be used to detect indicators of a compromise in Kubernetes. Securing Kubernetes is challenging: Configuration flexibility, large clusters, ephemeral containers, and an ever-growing services ecosystem produce complex environments that open up your attack surface. Adversaries get an advantage because complexity is a natural enemy of security.
Oct 12, 2021   |  By Sysdig
Jun 22, 2021   |  By Sysdig
Software is always changing and improving, and within this process, developers can unknowingly introduce vulnerabilities. Discover how Sysdig Secure provides a single vulnerability management solution for both containers and hosts. It allows you to validate compliance across your whole infrastructure. And it's so easy to deploy, that you will be scanning images and hosts in seconds.
May 4, 2021   |  By Sysdig
Thanks to serverless you can focus on your apps, instead of your infrastructure. Take AWS Fargate as an example. A service where you can deploy containers as Tasks, without worrying what physical machine they run on. However, without access to the host How can you detect suspicious activity? Like, file changes on your Fargate tasks? Sysdig provides runtime detection and response to secure Fargate serverless containers.
Apr 8, 2021   |  By Sysdig
The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production one fact is clear, monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps. In cloud-native DevOps is not enough. It's time for secure DevOps.
Mar 30, 2021   |  By Sysdig
Your application runs on containers and talks to multiple cloud services. How can you continuously secure all of it? With Sysdig you can. Continuously flag cloud misconfigurations before the bad guys get in. And suspicious activity, like unusual logins from leaked credentials. All in a single console that makes it easier to validate your cloud security posture. It only takes a few minutes to get started.
Feb 18, 2021   |  By Sysdig
Implementing image scanning on a Kubernetes admission controller is an interesting strategy to apply policies that need Kubernetes context, and create a last line of defense for your cluster. You are probably following the image scanning best practices already, detecting vulnerabilities and misconfigurations before they can be exploited. However, not everything you deploy goes through your CI/CD pipeline or known registries. There are also third-party images and, sometimes, manual deploys.
Jan 13, 2021   |  By Sysdig
Join Sysdig and AWS experts to learn how to detect and respond to threats to your production applications running on services like AWS Fargate and Amazon EKS. With the rise of microservices and DevOps practices, new security threats put your infrastructure and applications at risk. Hear how to leverage signals from AWS CloudTrail and open source Falco to spot unexpected behavior, block threats, and validate compliance across your AWS environment.
Jan 12, 2021   |  By Sysdig
Tune into our #LinkedInLive event on Jan 12 at 10 am PST and Join Sysdig and AWS experts to learn how to detect and respond to threats to your production applications running on services like AWS Fargate and Amazon EKS. With the rise of microservices and DevOps practices, new security threats put your infrastructure and applications at risk. Hear how to leverage signals from AWS CloudTrail and open source Falco to spot unexpected behavior, block threats, and validate compliance across your AWS environment.
Dec 10, 2020   |  By Sysdig
Tune into our #LinkedInLive event on December 9 from 11:30am-12pm PST and join Sysdig and Amazon Web Services (AWS) experts, Pawan Shankar and Eric Carter, to learn how to scan #AWS #Fargate containers in under 4 minutes with Sysdig Secure. Join this live discussion to learn how Sysdig Secure closes the visibility and security gap by providing the first automated #Fargate inline scanning.
Nov 17, 2020   |  By Sysdig
A Zero trust approach for network security is a must to block unnecessary connections between pods, services and apps. But, when your traditional applications move to Kubernetes, you become blind to how your apps are communicating. Where do you start?
Sep 16, 2021   |  By Sysdig
Based on our understanding of the Gartner report, security and risk management leaders should develop a strategy for addressing the unique and dynamic requirements for protecting hybrid cloud workloads. Gartner's recommendations for cloud workload security include: Sysdig is listed by Gartner® as a Representative Vendor for Cloud Workload Protection Platforms. Gartner also notes Sysdig in the list of companies building or acquiring CSPM capabilities.
Oct 3, 2018   |  By Sysdig
For Dummies Series - Best practices, insights and recommendations.
May 1, 2018   |  By Sysdig
How containers change your compliance lifecycle.
Apr 1, 2018   |  By Sysdig
Get your containerized apps production-ready.
Mar 1, 2018   |  By Sysdig
A unified approach for security, monitoring, and forensics in containerized and microservice environments.

Sysdig is the first unified approach to monitor and secure containers across the entire software lifecycle.

Sysdig was born out of the belief that open source tools will be at the foundation of your next generation infrastructure. See our projects for system visibility, and container security, as well as partner projects we’ve embraced.

Accelerate your transition to containers, and then have confidence in your ongoing operations. We've built the cloud-native intelligence platform to create a single, more effective way to secure, monitor, and assure your critical applications:

  • Container security (Sysdig Secure): Protect and assure your applications. Bring together image scanning and run-time protection to identify vulnerabilities, block threats, enforce compliance, and audit activity across your microservices.
  • Enterprise-grade Docker monitoring (Sysdig Monitor): Enhance software reliability and accelerate problem resolution with advanced Kubernetes integration and built-in Prometheus monitoring capabilities.
  • Automatic orchestrator integration (Sysdig ServiceVision): We use Sysdig ServiceVision to dynamically map services using metadata from Kubernetes, OpenShift, AWS, Azure, Google, Mesos, or Docker EE, and more. With this insight, you can isolate and solve problems faster.

Our container intelligence platform monitors and secures millions of containers across hundreds of enterprises, including Fortune 500 companies and web-scale properties.