Containers

Everything started when I was researching Windows containers. It required installing Docker Desktop for Windows, and I couldn’t help but notice that there were many Docker processes. Since some of the processes were privileged, the communication between them is of particular interest, which led me to explore further. I found the processes were using named pipes for communication, and one of them was a way to forward API calls from a low-privileged user to a privileged service.

The sixth annual Sysdig Cloud-Native Security and Usage Report digs into how Sysdig customers of all sizes and industries are using, securing, and paying for cloud and container environments. We examined the data and found some interesting trends that may help you as you work to develop best practices for securing and monitoring your cloud-native environments. This year’s report has new data on cloud security, container vulnerabilities, and Kubernetes cost optimization.

Most Kubernetes users understand the complexity involved in managing multiple Kubernetes clusters, especially when those clusters are hosted in hybrid cloud or multi-cloud environments.

This month, Sysdig Secure brings the General Availability of our Host Scanning & CSPM Compliance features. Other changes include Host Vulnerability Reporting, IaC Scanning of Terraform in AWS, and more! Our SDK, CLI, and tools have had several updates and improvements as well.

PostgreSQL is a powerful, open-source relational database management system (RDBMS). Because of its robustness and scalability, PostgreSQL is used extensively in the cloud. Most public cloud providers including AWS, Azure and GCP provide database services to their customers based on PostgreSQL.

Last week we announced the broadest policy library and toolset for Kubernetes, Terraform and CloudFormation. This work is part of our effort to support platform engineering and cloud infrastructure teams with policy guardrails, as they work to support hundreds (or thousands) of developers. But what does this exactly mean for Kubernetes users? Today we’ll cover the Styra DAS features and policies that are now at your fingertips for those managing Kubernetes clusters.

Scanning for vulnerabilities is a best practice and a must-have step in your application lifecycle to prevent security attacks. It is also important where this step is performed, but why? Let’s dig into the details of vulnerability scanning with Sysdig.