|
By Ryan Davis
How would you feel about your home security system if it only checked to see if your doors and windows were locked periodically? This security system would provide great visualizations of your house and how a criminal could get from one room to another, ultimately reaching one of your prized possessions, like a safe. However, it doesn’t have cameras on your doorbell or windows to alert you in real time when someone suspicious was approaching, or worse, trying to break into your house.
|
By Matt Stamper
Occasionally, you get exposed to something so logical that you literally take pause and smile quizzically asking yourself “Why didn’t I think of this before?”
|
By Nigel Douglas
The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source software security. While it is often not consumer-facing, open-source software is a critical component of computing and internet functions, such as secure communications between machines.
|
By Jason Andress
In the previous article, we discussed high-interaction honeypots and used vcluster to build an intentionally-vulnerable SSH server inside of its own cluster so it couldn’t hurt anything else in the environment when it got owned. Then, we installed Falco on the host and proceeded to attack the SSH server, watching the Falco logs to see the appropriate rule trigger when we read /etc/shadow.
The Sysdig Threat Research Team (Sysdig TRT) recently discovered a long-running botnet operated by a Romanian threat actor group, which we are calling RUBYCARP. Evidence suggests that this threat actor has been active for at least 10 years. Its primary method of operation leverages a botnet deployed using a variety of public exploits and brute force attacks.
|
By Michael Clark
On March 29th, 2024, a backdoor in a popular package called XZ Utils was announced on the Openwall mailing list. This utility includes a library called liblzma which is used by SSHD, a critical part of the Internet infrastructure used for remote access. When loaded, the CVE-2024-3094 affects the authentication of SSHD potentially allowing intruders access regardless of the method.
|
By Michael Isbitski
The SEC’s new ‘Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure’ rule (issued on July 26, 2023) has public companies, notably smaller companies, worrying about having enough cybersecurity expertise to run a security program consistent with SEC requirements.
|
By Michael Isbitski
The SEC cybersecurity disclosure rules have put a spotlight on the issue of cybersecurity within organizations. The core of the rules and related guidance can be found in the article “Assess Your Readiness Now for the SEC Cybersecurity Disclosure Rules.“ The SEC cybersecurity disclosure rules should help build momentum around the importance of governance and risk management, relevant expertise, and timely incident disclosure that are fundamental to cybersecurity programs.
|
By Victor Hernando
Back in August 2023, Checkmarx and Sysdig announced a new partnership. This collaboration enables customers of both Checkmarx and Sysdig to leverage the comprehensive visibility offered by Sysdig Runtime Insights to get even more value from the Checkmarx One application security platform.
|
By Joseph Yostos
In an era where cloud attacks and threats are happening very fast and constantly evolving, the European Union (EU) has stepped up its cybersecurity game with two new regulations: the Digital Operational Resilience Act (DORA) and the revised Directive on Security of Network and Information Systems (NIS2). With more strict requirements on compliance controls and breach disclosures, these regulations are set to transform how businesses manage their cyber risks in Europe.
|
By Sysdig
Join David Quisenberry, Senior Manager of Information Security, and Cat Schwan, Security Team Lead, to learn how Sysdig’s powerful runtime insights empower Apree Health to identify, visualize, and eliminate Kubernetes vulnerabilities, threats, and misconfigurations in real time, and how automated evidence gathering and reporting helped them achieve both SOC 2 and HITRUST compliance. Interested in learning more about Sysdig Secure?
|
By Sysdig
Cybersecurity breaches are becoming more frequent and more impactful. Adversaries continue to grow stronger, and defenders aren’t always keeping pace. On July 26th, 2023, the U.S. Securities and Exchange Commission issued new regulations on cybersecurity risk management, strategy, governance, and incident disclosure, leaving many companies concerned about how to ensure compliance with these new rules, and what changes they may need to make to get up to speed.
|
By Sysdig
Join us for a LinkedIn Live panel discussion between industry experts Matt Stamper (CEO, Executive Advisors Group LLC), Colleen Lam (General Counsel, Sysdig), and Andrew Thorpe (Partner at Gunderson Dettmer and former Special Council at the SEC), as they dissect the seismic shifts in the cybersecurity landscape post the SEC's updated guidelines and the Solarwinds complaint.
|
By Sysdig
Discover "Risk Prioritization" and "Attack Path Analysis" - a powerful solution designed to tackle the challenges of protecting against modern cloud attacks head-on, and provide invaluable insights into cloud security. Powered by the Cloud Attack Graph, the new Risks page shows a prioritized list of the potential risks in your cloud infrastructure. The risks in the page are not merely just another list of prescriptions: they are periodically re-evaluated and re-prioritized based on the findings in your infrastructure.
|
By Sysdig
Discover how Sysdig Secure’s new “Agentless Vulnerability Management” approach helps you streamline the onboarding of new deployments, while significantly cutting down complexity and setup time. Agentless security tools generally rely on leveraging existing interfaces and APIs provided by the cloud service providers to collect information and perform vulnerability assessments.
|
By Sysdig
Time is the currency of the cloud, where rapid innovation collides with fast-paced attacks. Discover how Sysdig's Cloud-Native Application Protection Platform (CNAPP) reimagines cloud security, leveraging the Cloud Attack Graph, powered by runtime insights to correlate assets, detect risks, and provide real-time insights. See how to connect the dots and uncover hidden attack paths, prioritize risks, and stop attacks in their tracks. With Sysdig, secure every second.
|
By Sysdig
Attacks happen fast in the cloud. Ten minutes – that’s all it takes for an attack to take place. In the cloud, every second counts. Now is the time to secure cloud innovation with the power of runtime insights. Sysdig. Secure Every Second.
|
By Sysdig
Discover how Sysdig’s "Improved Inventory" can help you find your way inside your ever-growing cloud infrastructure with minimal effort. With Inventory, navigating the intricate network of your cloud resources becomes not just manageable, but intuitive. It provides a seamless interface that marries comprehensive visibility with dynamic searchability, making it the cornerstone of effective cloud security posture management.
|
By Sysdig
Join Dan Holden, VP of Cybersecurity, and other members of the BigCommerce team to hear how their cloud-based e-commerce platform relies on real-time insights from Sysdig to secure and strengthen its cloud environment from end-to-end.
|
By Sysdig
Cloud threats are evolving and attackers are moving faster than ever! Join Sysdig’s Michael Clark (Director, Threat Research) and Anna Belak (Director, Office of Cybersecurity Strategy) LIVE on Linkedin, Twitter, and Youtube, as they discuss key findings from Sysdig’s �������� ������������ ���������� ������������ ������������. From cloud automation as a weapon to software supply chain vulnerabilities — the annual report authored by Sysdig’s Threat Research Team exposes shocking statistics on the evolving tactics of attackers lurking within the clouds.
|
By Sysdig
Based on our understanding of the Gartner report, security and risk management leaders should develop a strategy for addressing the unique and dynamic requirements for protecting hybrid cloud workloads. Gartner's recommendations for cloud workload security include: Sysdig is listed by Gartner® as a Representative Vendor for Cloud Workload Protection Platforms. Gartner also notes Sysdig in the list of companies building or acquiring CSPM capabilities.
|
By Sysdig
A unified approach for security, monitoring, and forensics in containerized and microservice environments.
- April 2024 (5)
- March 2024 (10)
- February 2024 (18)
- January 2024 (8)
- December 2023 (2)
- November 2023 (3)
- October 2023 (6)
- September 2023 (14)
- August 2023 (7)
- July 2023 (9)
- June 2023 (9)
- May 2023 (9)
- April 2023 (3)
- March 2023 (13)
- February 2023 (9)
- January 2023 (7)
- December 2022 (4)
- November 2022 (17)
- October 2022 (12)
- September 2022 (12)
- August 2022 (8)
- July 2022 (6)
- June 2022 (13)
- May 2022 (11)
- April 2022 (7)
- March 2022 (14)
- February 2022 (5)
- January 2022 (9)
- December 2021 (9)
- November 2021 (5)
- October 2021 (8)
- September 2021 (9)
- August 2021 (4)
- July 2021 (4)
- June 2021 (5)
- May 2021 (6)
- April 2021 (6)
- March 2021 (11)
- February 2021 (6)
- January 2021 (7)
- December 2020 (6)
- November 2020 (8)
- October 2020 (8)
- September 2020 (9)
- August 2020 (2)
- July 2020 (7)
- June 2020 (4)
- May 2020 (7)
- April 2020 (6)
- March 2020 (3)
- February 2020 (3)
- January 2020 (3)
- December 2019 (3)
- November 2019 (11)
- October 2019 (4)
- September 2019 (1)
- August 2019 (3)
- July 2019 (3)
- June 2019 (3)
- May 2019 (7)
- April 2019 (6)
- March 2019 (6)
- February 2019 (4)
- January 2019 (1)
- October 2018 (1)
- May 2018 (1)
- April 2018 (1)
- March 2018 (1)
Sysdig is the first unified approach to monitor and secure containers across the entire software lifecycle.
Sysdig was born out of the belief that open source tools will be at the foundation of your next generation infrastructure. See our projects for system visibility, and container security, as well as partner projects we’ve embraced.
Accelerate your transition to containers, and then have confidence in your ongoing operations. We've built the cloud-native intelligence platform to create a single, more effective way to secure, monitor, and assure your critical applications:
- Container security (Sysdig Secure): Protect and assure your applications. Bring together image scanning and run-time protection to identify vulnerabilities, block threats, enforce compliance, and audit activity across your microservices.
- Enterprise-grade Docker monitoring (Sysdig Monitor): Enhance software reliability and accelerate problem resolution with advanced Kubernetes integration and built-in Prometheus monitoring capabilities.
- Automatic orchestrator integration (Sysdig ServiceVision): We use Sysdig ServiceVision to dynamically map services using metadata from Kubernetes, OpenShift, AWS, Azure, Google, Mesos, or Docker EE, and more. With this insight, you can isolate and solve problems faster.
Our container intelligence platform monitors and secures millions of containers across hundreds of enterprises, including Fortune 500 companies and web-scale properties.