Strengthening Cloud Security Together: Meet the Runtime Insights Partner Ecosystem

By Eric Carter - MAY 2, 2024

In the ever-evolving landscape of cloud security, staying ahead of threats is paramount. Success requires well-orchestrated cybersecurity solutions that work together from prevention to defense. Today we launched our latest initiative, the Runtime Insights Partner Ecosystem, which brings together leading solutions that strengthen cloud security through integration and collaboration.

Centered around sharing valuable insights that accelerate and simplify vulnerability management, posture management, and cloud detection & response, the Runtime Insights Partner Ecosystem helps cloud users better prioritize risk, automate workflows, ensure compliance, and respond at cloud speed. We’re thrilled to be supported by a roster of partners representing a wide spectrum of leading industry solutions.

Read on to learn more about the unique collaborations that equip cloud teams to bolster cloud security.

Collaborating to solve cloud security challenges

Cloud security is a multifaceted challenge. Cloud attacks happen fast. The speed and sophistication of cloud attacks mean that security teams and tools must be able to move faster than an attacker. And there’s no such thing as a one-size-fits-all solution. Successful cloud security programs require a breadth of coverage to protect against known and unknown threats.

Over time, to meet the needs of distinct teams and particular use cases, you’ve likely rolled out a wide range of tooling across cloud security domains from Identity and AppSec to Threat Detection and Incident Response. Wouldn’t it be great to have connective tissue across these domains to share insights so you can move faster and optimize outcomes? This is the goal of our integration ecosystem.

The core of our collaboration: Runtime Insights

At Sysdig, our cloud security platform is designed with runtime visibility at its core. Built on Falco open source, our deep real-time understanding of what’s happening at runtime not only helps users pinpoint advanced threats but also delivers intel that adds value across many cloud security domains. This intel, which we call runtime insights, provides meaningful runtime context that can enrich solutions from other providers in the ecosystem. Here are a few examples:

  • Vulnerability prioritization: AppSec solutions identify and prioritize in-use vulnerable packages in your running workloads.
  • Active threat detection & response: Incident response solutions incorporate threat events and context for analysis and response automation.
  • Permission management: Identity solutions get visibility into inactive users and excessive permissions to enforce least-privilege access.
  • Posture drift control: Infrastructure-as-code (IaC) and GitOps tools gain visibility into deployment inconsistencies to automate required remediations.

Runtime Insights Ecosystem Partner solution highlights

Our partners bring expertise across domains like AppSec, Next-gen SIEM and SOAR, XDR, IT Service Management, and more. When combined with Sysdig, these partners give users an added advantage in defending against cloud threats – from shift left to shield right.

Here is a sample of the integrations we deliver together with key partners.

  • Checkmarx – Checkmarx One uses runtime insights to prioritize vulnerabilities associated with running container packages that pose the most risk.
  • Cybereason – With runtime insights, Cybereason XDR enables teams to manage cloud risk with XDR context from the broader enterprise.
  • Docker Scout – Docker Scout uses runtime insights to identify active images and packages to spotlight risk and help secure your software supply chain.
  • Elastic – With Elasticsearch, Elastic helps practitioners accelerate investigation and response using runtime insights from the Sysdig CNAPP platform.
  • Google Chronicle – Chronicle enables Sysdig users to extract more value from insights collected from cloud workloads in runtime environments.
  • Mend.io – Mend Container leverages runtime insights to provide users with end-to-end, risk-based vulnerability prioritization and remediation.
  • Netskope – Sysdig and Netskope correlate cloud threat insights across users and workloads to deliver high-fidelity protection for users, apps, and data.
  • PagerDuty – With Sysdig and PagerDuty, teams more effectively detect and respond to threats and anomalies across containers, Kubernetes, and cloud.
  • ServiceNow – ServiceNow CVR incorporates Sysdig-detected vulnerabilities and in-use insights to enable faster assignment, triage, and response.
  • Snyk – Snyk and Sysdig deliver feedback and visibility from production back to developers, eliminating the noise of container vulnerabilities.
  • Sumo Logic – Sumo Logic enables Sysdig users to accelerate cloud insights into action with its cloud SIEM and SOAR capabilities.
  • Tines – Tines taps into the Sysdig API with its smart, secure workflow builder to enable intelligent automation for swift response to cloud security threat events.


For an additional view into all of the cloud and tech partner integrations available, visit sysdig.com/integrations.

A two-way street: Partner data makes Sysdig better

Our partnerships aren’t just about the cloud security insights available from Sysdig. Many of our partners provide critical data sources that enable Sysdig to detect threats across multiple domains and provide critical cloud security insights. Here are a few examples:

  • Cloud logs: AWS CloudTrail, Google Cloud Audit Logs, and Azure Platform Logs provide insight into cloud account and service activity.
  • Identity logs: Logs from solutions like Okta and Microsoft Entra enable the detection of anomalous events to protect against identity attacks.
  • GitHub logs: GitHub event data enables Sysdig to detect risks to GitHub repos like leaking secrets, exfiltration of sensitive data, and cryptomining through GitHub Actions.

Driving better cloud security outcomes together

The launch of the Runtime Insights Partner Ecosystem marks a step forward in cloud security, harnessing the power of leading solutions across the industry along with runtime insights from Sysdig. Our goal is to empower organizations to stay ahead of threats and effectively safeguard cloud environments.

What’s next? Visit our Runtime Insights Ecosystem page to learn more about our work with solution partners.
