Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

May 2024

sysdig

Next-Gen Container Security: Why Cloud Context Matters

May 30, 2024 By Matt Kim In Sysdig
Container security has experienced significant transformation over the past decade. From the emergence of foundational tools like Docker to the maturation of orchestration platforms such as Kubernetes, the container security landscape looks different than it did even a few years ago. With Gartner predicting 95% of organizations will be running containerized applications in production by 2028, it’s clear that container security is going to be a key priority for most organizations moving forward.
Read Post
sysdig

What's New in Sysdig - May 2024

May 30, 2024 By Dustin Krysak In Sysdig
“What’s New in Sysdig” is back with the May 2024 edition! My name is Dustin Krysak. I’m a Customer Solutions Engineer based in Vancouver, BC, and I’m excited to share our latest updates. The Sysdig Threat Research Team (TRT) has been busy recently investigating and analyzing new security threats. Their research has uncovered notable vulnerabilities and attack vectors, which they’ve shared insights about through the Sysdig blog.
Read Post

Ticker News: Major 2024 Cybersecurity Concerns With Loris Degioanni, Sysdig

May 28, 2024 By Sysdig In Sysdig
Loris Degioanni, CTO and Founder of Sysdig, stopped by the Ticker News studio to discuss the major cybersecurity concerns of 2024. In the cloud, attacks are fast. Companies have 5 seconds to discover an attack, 5 minutes to investigate, and 5 minutes to respond. How can companies secure their environment when keeping pace with the speed of the cloud?
View Video
sysdig

DDoS-as-a-Service: The Rebirth Botnet

May 28, 2024 By Sysdig Threat Research Team In Sysdig
In March 2024, the Sysdig Threat Research Team (TRT) began observing attacks against one of our Hadoop honeypot services from the domain “rebirthltdio). The threat actors operating the botnet are financially motivated and advertise their service primarily to the video gaming community, although there is no evidence that this botnet is not being purchased beyond gaming-related purposes, and organizations may still be at risk of falling victim to these botnets attacks.
Read Post

AI Workload Security

May 23, 2024 By Sysdig In Sysdig
AI usage has exploded. In just a few years, it's gone from something the enterprise should track to a powerful technology set we rely on. This sharp rise has created a world of opportunity and a new set of security challenges that we need to be aware of, but not scared of. And that's why I'm excited to share our new AI workload security feature. By understanding where they are running, Sysdig helps you control shadow AI and active AI risk and keeps you ahead of emerging AI regulations because you'll know what AI workloads you have, where they are, and what risks are associated with them.
View Video
sysdig

Leadership Strategies for Risk Reduction, Transparency, and Speed

May 22, 2024 By Crystal Morin In Sysdig
To respond to the increasing number of federal cybersecurity recommendations and regulations, cybersecurity leaders and their teams need to be confident in the transparency and resiliency of their security processes. The key is a strong and well documented risk management program. This is imperative for the compliance or incident audits that come with regulations.
Read Post
sysdig

Optimizing Wireshark in Kubernetes

May 21, 2024 By Nigel Douglas In Sysdig
In Kubernetes, managing and analyzing network traffic poses unique challenges due to the ephemeral nature of containers and the layered abstraction of Kubernetes structures like pods, deployments, and services. Traditional tools like Wireshark, although powerful, struggle to adapt to these complexities, often capturing excessive, irrelevant data – what we call “noise.”
Read Post

Sysdig's AI Workload Security

May 20, 2024 By Sysdig In Sysdig
AI usage has exploded. In just a few years, it's gone from something the enterprise should track to a powerful technology set we rely on. This sharp rise has created a world of opportunity and a new set of security challenges that we need to be aware of, but not scared of. And that's why I'm excited to share our new AI workload security feature. By understanding where they are running, Sysdig helps you control shadow AI and active AI risk and keeps you ahead of emerging AI regulations because you'll know what AI workloads you have, where they are, and what risks are associated with them.
View Video
sysdig

Cloud Security and Compliance: A Smarter Approach to Keeping Your Head Above Water

May 16, 2024 By Rayna Stamboliyska In Sysdig
When it comes to cloud security and compliance, it’s easy to feel like you’re drowning in a sea of regulations and requirements. But don’t worry; we’re all in the same boat! That’s why we’re thrilled to share our latest point-of-view (POV) paper, “Practical Cloud Security in the Era of Cybersecurity Regulation,” which is crafted with our deep industry expertise and experience.
Read Post
sysdig

The Race for Artificial Intelligence Governance

May 13, 2024 By Nigel Douglas In Sysdig
As AI adoptions become increasingly integral to all aspects of society worldwide, there is a heightened global race to establish artificial intelligence governance frameworks that ensure their safe, private, and ethical use. Nations and regions are actively developing policies and guidelines to manage AI’s expansive influence and mitigate associated risks. This global effort reflects a recognition of the profound impact that AI has on everything from consumer rights to national security.
Read Post
sysdig

Accelerating AppSec with Mend.io and Sysdig

May 7, 2024 By Eric Carter In Sysdig
Today at RSA Conference 2024, Mend.io and Sysdig unveiled a joint solution targeted at helping developers, DevOps, and security teams accelerate secure software delivery from development to deployment. The integration incorporates the exchange of runtime insights and application ownership context between Sysdig Secure and Mend Container to provide users with superior, end-to-end, and risk-based vulnerability prioritization and remediation across development and production environments.
Read Post
sysdig

LLMjacking: Stolen Cloud Credentials Used in New AI Attack

May 6, 2024 By Alessandro Brucato In Sysdig
The Sysdig Threat Research Team (TRT) recently observed a new attack that leveraged stolen cloud credentials in order to target ten cloud-hosted large language model (LLM) services, known as LLMjacking. The credentials were obtained from a popular target, a system running a vulnerable version of Laravel (CVE-2021-3129). Attacks against LLM-based Artificial Intelligence (AI) systems have been discussed often, but mostly around prompt abuse and altering training data.
Read Post
sysdig

Strengthening Cloud Security Together: Meet the Runtime Insights Partner Ecosystem

May 2, 2024 By Eric Carter In Sysdig
In the ever-evolving landscape of cloud security, staying ahead of threats is paramount. Success requires well-orchestrated cybersecurity solutions that work together from prevention to defense. Today we launched our latest initiative, the Runtime Insights Partner Ecosystem, which brings together leading solutions that strengthen cloud security through integration and collaboration.
Read Post

This is SCARLETEEL

May 2, 2024 By Sysdig In Sysdig
In under five minutes, SCARLETEEL exploits an unpatched vulnerability to access credentials, escalate privileges, and move to other accounts, potentially stealing proprietary software. To defend against this threat, sophisticated layers of defense and speed are necessary. The 555 benchmark is one way to keep your team ready to act at the speed of the cloud.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.