Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

September 2021

"Chain"ging the Game - how runtime makes your supply chain even more secure

There is a lot of information out there (and growing) on software supply chain security. This info covers the basics around source and build, but does it cover all of your full software supply chain lifecycle? Is your build env at runtime protected? Is your application post deploy protected at runtime? This article will not only discuss what these concepts are, but provide additional discussions around the following: Read on brave reader…

Secure DevOps on Google Cloud: Reduce cloud and container risk

Google Cloud is helping businesses build and deploy apps faster than ever before, but at the same time, cloud teams must consider how to implement secure DevOps practices to avoid risk. We’re partnering with Google Cloud to provide security solutions to cloud teams to simplify safeguarding cloud and containers. Today, we announced our collaboration with Google Cloud.

How to meet 24 Google Cloud Platform (GCP) security best practices using open source Cloud Custodian and Falco

You’ve got a problem to solve and turned to Google Cloud Platform to build and host your solution. You create your account and are all set to brew some coffee and sit down at your workstation to architect, code, build, and deploy. Except… you aren’t. There are many knobs you must tweak and practices to put into action if you want your solution to be operative, secure, reliable, performant, and cost effective.

How to mitigate kubelet's CVE-2021-25741: Symlink exchange can allow host filesystem access

CVE-2021-25741 is a new vulnerability discovered in Kubernetes that allows users to create a container with subpath volume mounts to access files & directories outside of the volume, including the host filesystem. It was disclosed in September 2021 and affects kubelet, which is the node agent that runs on each Kubernetes node. In particular CVE-2021-25741 affects kubelet in these Kubernetes versions.

Kubernetes network segmentation using native controls

Network segmentation is almost as old as computer networking. The evolution of network segmentation went through switches to routers and firewalls, and as modern networks evolved, the ability to better control traffic by operating system native functionality evolved as well. Native controls like IP Tables became lingua franca, alongside access control lists, process isolations, and more. Native controls are not a new concept.

2021 Gartner Market Guide for Cloud Workload Protection Platforms (CWPP)

Based on our understanding of the Gartner report, security and risk management leaders should develop a strategy for addressing the unique and dynamic requirements for protecting hybrid cloud workloads. Gartner's recommendations for cloud workload security include: Sysdig is listed by Gartner® as a Representative Vendor for Cloud Workload Protection Platforms. Gartner also notes Sysdig in the list of companies building or acquiring CSPM capabilities.

Confidently deliver HIPAA compliance software with Sysdig Secure

HIPAA compliance law, the Health Insurance Portability and Accountability Act in long form, is one of the compliance standards the public and private healthcare companies need to address for building and maintaining public trust in telemedicine. During the COVID-19 pandemic, telemedicine has been the solution to withstand the excess influx to hospitals and health centers, avoiding unnecessary exposure of patients.

Securing Amazon EKS Anywhere with Sysdig

Amazon EKS Anywhere is a new deployment option for Amazon Elastic Kubernetes Service that lets you create and operate Kubernetes clusters on-premises. With it, you can run containerized workloads in whatever location best serves your business. Carefully considering what’s needed for security will help you reduce risk and safeguard against potential threats.

Top 10 Indicators of Compromise in Kubernetes

In this blog, you will learn how monitoring data from your Kubernetes environments can be used to detect indicators of a compromise in Kubernetes. Securing Kubernetes is challenging: Configuration flexibility, large clusters, ephemeral containers, and an ever-growing services ecosystem produce complex environments that open up your attack surface. Adversaries get an advantage because complexity is a natural enemy of security.