A new critical vulnerability has been found in log4j, a widely-used open-source utility used to generate logs inside java applications. The vulnerability CVE-2021-44228, also known as Log4Shell, permits a Remote Code Execution (RCE) allowing the attackers to execute arbitrary code on the host. The log4j utility is popular and used by a huge number of applications and companies, including the famous game Minecraft. It is also used in various Apache frameworks like Struts2, Kafka, Druid, Flink, and many commercial products.

The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production one fact is clear, monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps.

Over-privileged users in the cloud are everywhere!! Security teams are struggling with getting visibility into who should have access to what or how to enforce least privilege access. How do you manage excessive permissions in the cloud? Let's dig in! Sysdig reduces times to secure identities on the cloud to as little as two minutes.

Together with Google Cloud, Sysdig reduces your cloud security risk. So you can confidently run your workloads on Google Cloud. Get started in minutes with Sysdig SaaS, and simplify security, compliance, and monitoring. Accelerate your growth with NO backend data management. # CSPM Sysdig is your centralized safe place to enhance cloud security posture. # Threat detection Plug in Google Cloud Audit logs And get started quickly with our out-of-the-box Falco rules.

Software is always changing and improving, and within this process, developers can unknowingly introduce vulnerabilities. Discover how Sysdig Secure provides a single vulnerability management solution for both containers and hosts. It allows you to validate compliance across your whole infrastructure. And it's so easy to deploy, that you will be scanning images and hosts in seconds.

Thanks to serverless you can focus on your apps, instead of your infrastructure. Take AWS Fargate as an example. A service where you can deploy containers as Tasks, without worrying what physical machine they run on. However, without access to the host How can you detect suspicious activity? Like, file changes on your Fargate tasks? Sysdig provides runtime detection and response to secure Fargate serverless containers.

The rapid pace of digital transformation is accelerating the shift to cloud-native applications using containers and Kubernetes to speed the pace of delivery. But application delivery is one thing. Application uptime performance and protection are another. For cloud teams already running production one fact is clear, monitoring and troubleshooting are only the beginning. They also need to own security and compliance for their apps. In cloud-native DevOps is not enough. It's time for secure DevOps.

Your application runs on containers and talks to multiple cloud services. How can you continuously secure all of it? With Sysdig you can. Continuously flag cloud misconfigurations before the bad guys get in. And suspicious activity, like unusual logins from leaked credentials. All in a single console that makes it easier to validate your cloud security posture. It only takes a few minutes to get started.

Implementing image scanning on a Kubernetes admission controller is an interesting strategy to apply policies that need Kubernetes context, and create a last line of defense for your cluster. You are probably following the image scanning best practices already, detecting vulnerabilities and misconfigurations before they can be exploited. However, not everything you deploy goes through your CI/CD pipeline or known registries. There are also third-party images and, sometimes, manual deploys.