The Official Sysdig Blog

Author - mateo

How to Implement Open Source Container Security: Part 2 Docker Image Scanning

By on July 16, 2018

This is the second post in a two-part series on Open Source Container Security. The first post focused on open source container runtime security using Falco to build a response engine for…

Read More →

How to Implement Open Source Container Security: Part 1 Runtime Security

By on July 12, 2018

Container security is top-of-mind for any organization adopting Docker and Kubernetes, and this open source security guide is a comprehensive resource for anyone who wants to learn how to implement a complete…

Read More →

Implementing Docker/Kubernetes runtime security

By on June 4, 2018

Sysdig Falco performs live monitoring of the behavior of your Docker containers and Kubernetes pods at runtime. Using Falco you can create a Docker runtime security policy to detect attacks and anomalous…

Read More →

Kubernetes Security Guide, Chapter 3. Securing Kubernetes components: kubelet, etcd and Docker registry

By on April 24, 2018

In this chapter of the Kubernetes security guide, we are going to cover best practices related to sensitive Kubernetes components and common external resources like the Docker registry. We will learn how…

Read More →

Kubernetes Security Guide, Chapter 2: Kubernetes Security Context and Kubernetes Network Policy

By on April 4, 2018

Once you have defined Kubernetes users and services credentials and permissions, we start leveraging Kubernetes orchestration capabilities to configure security at the pod level. We will learn how to use Kubernetes Security…

Read More →

Kubernetes Security Guide, Chapter 1: Kubernetes RBAC and TLS certificates

By on April 4, 2018

RBAC security context is a fundamental part of your Kubernetes security best practices, as well as rolling out TLS certificates / PKI authentication for the core Kubernetes API server. We will learn…

Read More →

Sending Kubernetes & Docker events to Elasticsearch and Splunk using Sysdig

By on March 6, 2018

In this article we are going to see how to aggregate Kubernetes / Docker events and alerts into a centralized logs system like Elasticsearch and Splunk. Logging engines are a great companion…

Read More →

How to monitor Istio, the Kubernetes service mesh

By on February 27, 2018

In this article we are going to deploy and monitor Istio over a Kubernetes cluster. Istio is a microservice mesh platform that offers advanced routing, balancing, security and high availability features, plus…

Read More →

How to build a Kubernetes Horizontal Pod Autoscaler using custom metrics

By on February 20, 2018

The default Kubernetes Horizontal Pod Scaler (HPA) uses CPU load, in this article we will show how to configure it to pivot over any other monitoring metric implementing and extending the Kubernetes…

Read More →

How to deploy Openshift on AWS

By on January 25, 2018

In the following tutorial we will show how to quickly boot an OpenShift Origin multinode deployment on Amazon AWS using CloudFormation and Ansible. We found the reference architecture had too many additional…

Read More →