San Francisco, CA, USA
Nov 29, 2022   |  By Jason Avery
Content Extortion can simply be defined as “the practice of obtaining benefit through coercion.“ Data and cloud extortion schemes occur when precious data and/or access is stolen by an attacker that promises to restore it through payment or other demands. In this article, we’ll cover some common or uncommon extortion schemes, and highlight ways to detect and avoid falling prey to demands.
Nov 23, 2022   |  By Stefano Chierici
Content Supply Chain attacks are not new, but this past year they received much more attention due to high profile vulnerabilities in popular dependencies. Generally, the focus has been on the dependency attack vector. This is when source code of a dependency or product is modified by a malicious actor in order to compromise anyone who uses it in their own software.
Nov 22, 2022   |  By Nigel Douglas
Content Cloud Security Posture Management (CSPM) aims to automate the identification and remediation of risks across your entire cloud infrastructure. A core requirement of the CSPM framework is the need to enforce a principle of least privilege. There are certain overlaps with Cloud Infrastructure Entitlement Management (CIEM) solutions. CIEM is a newer categorization that came after CSPM.
Nov 18, 2022   |  By Nigel Douglas
Content Cryptomining attacks are becoming more notable in-line with the rise of blockchain and cryptocurrencies, so detecting cryptomining has become a high priority. Security researchers have found data breaches related to various cryptominer binaries running within victims’ infrastructures. The default openness of Kubernetes clusters and the availability of the extensive compute power required for mining makes Kubernetes clusters a perfect target for cryptomining attacks.
Nov 16, 2022   |  By Nicholas Lang
Content TeamTNT is a notorious cloud-targeting threat actor, who generates the majority of their criminal profits through cryptojacking. Sysdig TRT attributed more than $8,100 worth of cryptocurrency to TeamTNT, which was mined on stolen cloud infrastructure, costing the victims more than $430,000. The full impact of TeamTNT and similar entities is unknowable, but at $1 of profit for every $53 the victim is billed, the damage to cloud users is extensive.
Nov 15, 2022   |  By Eduardo Mínguez
Helm is being used broadly to deploy Kubernetes applications as it is an easy way to publish and consume them via a couple of commands, as well as integrate them in your GitOps pipeline. But is Helm secure enough? Can you trust it blindly? This post explains the benefits of using Helm, the pitfalls, and offers a few recommendations for how to secure it. Let’s get started!
Nov 11, 2022   |  By Eric Carter
Cyber attacks are an unfortunate reality in our interconnected world. The art of keeping up with malicious actors is challenging, but even more so with the move to cloud-native technologies. As a result, security is evolving. Developers, DevOps, and cloud teams must now learn a new set of best practices that balance shift-left and shield-right security approaches to reduce risk. There has never been a more critical time to revisit your cybersecurity strategy.
Nov 10, 2022   |  By Jason Umiker
Many of the benefits of running Kubernetes come from the efficiencies that you get when you share the cluster – and thus the underlying compute and network resources it manages – between multiple services and teams within your organization. Each of these major services or teams that share the cluster are tenants of the cluster – and thus this approach is referred to as multi-tenancy.
Nov 10, 2022   |  By Daniella Pontes
The awaited OpenSSL 3.0.7 patch was released on Nov. 1. The OpenSSL Project team announced two HIGH severity vulnerabilities (CVE-2022-3602, CVE-2022-3786), which affect all OpenSSL v3 versions up to 3.0.6. These vulnerabilities are remediated in version 3.0.7, which was released Nov. 1. The vulnerabilities fixed include two stack-based buffer overflows in the name constraint checking portion of X.509 certificate verification.
Nov 8, 2022   |  By Nigel Douglas
Let’s dig deeper into the techniques used by attackers and the mitigations you should implement when ransomware on Azure affects you. By now, we should all be aware of ransomware from the constant news articles associated with this known threat. As we explained in the anatomy of a cloud attacks, ransomware is a way for attackers to make money when they gain control of your accounts through data encryption, therefore restricting your access to the system.
Nov 23, 2022   |  By Sysdig
How do you secure your Docker containers against the latest vulnerabilities? What tools help your containers stay secure from the #Dockerfile through the runtime? Where is scanning most effective in the container lifecycle? We compiled a short list of security best practices to keep your #containers safe and answer these questions.
Nov 14, 2022   |  By Sysdig
What does #Sysdig do and how is it different from other cloud and container security tools? Hear CEO Suresh Vasudevan explain how Sysdig can help customers secure and monitor their containers on the cloud from source to runtime. Stay up to date on the latest cloud native news and trends, get all the info on latest vulnerabilities and discover new ways for securing and monitoring kubernetes and containers on our blog.
Nov 10, 2022   |  By Sysdig
Escaping a docker container can get you access to the whole linux host, so it's a precious technique for a cyber attack. But it's also valuable for defenders: hacking docker containers to get a breakout is a fun way to better understand a vulnerability and how to better protect from these exploits! In this hands on video, we look at three real life scenarios where you can actually break out from a docker container.
Oct 18, 2022   |  By Sysdig
We will introduce how Falco can be extended to be used for data sources beyond syscalls, opening up use cases covering detections on cloud-native platforms using any JSON compatible logs from cloud vendors, or sources such as AWS Cloudtrail.
Oct 18, 2022   |  By Sysdig
Is your organization ready to pay an additional $430,000 cloud bill as a result of cryptojacking? The Sysdig Threat Research Team recently released the 2022 Sysdig Cloud-Native Threat Report, which details the cost of cryptojacking, the reality of software supply chain risks, and how hacktivism has become a prominent feature in cyber warfare. While the motives of hackers have not changed, they have adjusted their attack patterns and tactics to penetrate cloud environments more effectively. Fortify your cloud by understanding the current threat landscape and identifying defense strategies.
Oct 12, 2022   |  By Sysdig
Software flaws are inevitable, and as Log4Shell recently reminded us, their impact can be massive. Using Log4Shell as a prime example we explain.
Sep 27, 2022   |  By Sysdig
Here we will introduce Falco as a threat detection engine, defining its concepts and key components - events, rules and alerts. For the full, free Falco 101 course, including fully interactive hands-on labs and much more content to gain expertise on Falco for all kinds of experience levels, visit the Sysdig learning portal. Below are some of the topics you can expect to find as part of Falco 101.
Sep 14, 2022   |  By Sysdig
Automate security issue fixes in seconds and reduce cloud risk with Sysdig. Let's dig in! We know cloud teams have tons of security issues. You can be spending hours trying to understand if those findings pose a real risk in your cloud environment. So, how can you shorten the time needed to triage every misconfiguration and take action on those that really matter to you? Discover how Sysdig aggregates security findings by root cause and prioritizes remediation based on impact and risk.
Jun 24, 2022   |  By Sysdig
Security is changing, you need to adapt to the Cloud. Sysdig: Secure your Cloud from Source to Run. Cloud security that avoids, that alerts, closes gaps, grants access, takes charge. That checks out, that scales up, that keeps up. That’s there From source, to run. That’s Sysdig! A single view of risk. With no blind spots. Rich context to prioritize what matters. With no guesswork. A platform based on open standards. With no black boxes.
Jun 15, 2022   |  By Sysdig
Elastic Compute Cloud (EC2) is arguably one of the most popular AWS services. With Sysdig, you can secure EC2 by detecting threats and vulnerabilities, controlling configuration and permission risks, and meeting compliance requirements.
Sep 16, 2021   |  By Sysdig
Based on our understanding of the Gartner report, security and risk management leaders should develop a strategy for addressing the unique and dynamic requirements for protecting hybrid cloud workloads. Gartner's recommendations for cloud workload security include: Sysdig is listed by Gartner® as a Representative Vendor for Cloud Workload Protection Platforms. Gartner also notes Sysdig in the list of companies building or acquiring CSPM capabilities.
Oct 3, 2018   |  By Sysdig
For Dummies Series - Best practices, insights and recommendations.
May 1, 2018   |  By Sysdig
How containers change your compliance lifecycle.
Apr 1, 2018   |  By Sysdig
Get your containerized apps production-ready.
Mar 1, 2018   |  By Sysdig
A unified approach for security, monitoring, and forensics in containerized and microservice environments.

Sysdig is the first unified approach to monitor and secure containers across the entire software lifecycle.

Sysdig was born out of the belief that open source tools will be at the foundation of your next generation infrastructure. See our projects for system visibility, and container security, as well as partner projects we’ve embraced.

Accelerate your transition to containers, and then have confidence in your ongoing operations. We've built the cloud-native intelligence platform to create a single, more effective way to secure, monitor, and assure your critical applications:

  • Container security (Sysdig Secure): Protect and assure your applications. Bring together image scanning and run-time protection to identify vulnerabilities, block threats, enforce compliance, and audit activity across your microservices.
  • Enterprise-grade Docker monitoring (Sysdig Monitor): Enhance software reliability and accelerate problem resolution with advanced Kubernetes integration and built-in Prometheus monitoring capabilities.
  • Automatic orchestrator integration (Sysdig ServiceVision): We use Sysdig ServiceVision to dynamically map services using metadata from Kubernetes, OpenShift, AWS, Azure, Google, Mesos, or Docker EE, and more. With this insight, you can isolate and solve problems faster.

Our container intelligence platform monitors and secures millions of containers across hundreds of enterprises, including Fortune 500 companies and web-scale properties.