Sysdig is pleased to announce that we’re now recognized as Amazon Linux 2023 Ready as part of the Amazon Web Services (AWS) Service Ready Program. Amazon Linux 2023 (AL2023) is the newest Linux operating system from AWS available to support your workloads running on Amazon EC2. The team at Sysdig validated AL2023 with Sysdig Secure and Sysdig Monitor to ensure full support for our container security and cloud-native monitoring capabilities with this latest OS.
In this blog, I’ll share some more details about what AL2023 offers and provide some insights on how Linux, as a fundamental building block of cloud-native, is critical to what Sysdig has to offer for AWS customers.
Amazon Linux 2023: Linux for the cloud
Amazon Linux 2023 is optimized for the cloud. It enhances the proven reliability of Amazon Linux and includes updates that improve security and supportability as well. AWS plans to deliver minor releases every quarter and major releases on a 2-year cadence. In each, customers receive security updates, bug fixes, and new features. In addition, each major version will be supported for five years.
By adding a predictable release cadence and long-term support, AWS provides customers with better security, and faster access to innovations – all while maintaining no-cost licensing.
Sysdig: Cloud security for Linux and containers – Powered by runtime insights
Enterprises moving to the cloud report visibility and security as being key challenges to cloud adoption. At Sysdig, our solutions focus on removing blind spots in fast-moving, cloud-native environments. Our solutions tie directly into Linux to gain visibility into the behavior of cloud-native workloads.
Kernel-level instrumentation for security and monitoring delivers insights into container and host activity without forcing monitoring code to be loaded into your individual container images. By observing Linux system calls, Sysdig delivers cloud-native monitoring and runtime security with extremely low overhead and a high level of accuracy. As we like to say, “The kernel never lies.”
Using Sysdig with AWS environments running AL2023
AWS customers use Sysdig to tackle several cloud-native security and monitoring use cases – all of which are useful for teams that are adopting AL2023. The capabilities we provide span from source to run, helping you deliver security in the build pipeline and at runtime, as well as giving you visibility into health and performance.
Find, focus, and fix vulnerabilities
Sysdig consolidates AL2023 host scanning and container scanning to help you detect and address vulnerabilities. Using Sysdig Secure policies, cloud teams can not only identify CVEs but can also block vulnerable images from running in production. When new CVEs are reported, runtime monitoring for containers and hosts helps you identify what is currently in production that might put your business at risk. What’s more, to help teams better prioritize what to fix, our “Risk Spotlight” capability uses runtime insights to narrow the focus to the vulnerable packages actually invoked at runtime.
Detect & respond to workload threats
Seeing what is actually happening in a dynamic, orchestrated, cloud and container environment can be difficult. As mentioned above, Sysdig solves this by observing all activity at the Linux kernel. Runtime security policies built on open-source Falco, help you filter activity and alert on the things you don’t want happening with your workloads running on Amazon EC2 and AL2023. This includes monitoring the behavior of containers running on Amazon ECS, Amazon EKS, and AWS Fargate. Think of the runtime security capabilities in Sysdig Secure as a security camera to help you see and address real-time risk across your nodes and containers.
Manage configurations and compliance
Configuration errors that leave the door open to attacks are one of the most critical areas of concern with securing hosts and containers. Checking your environment against best practices using measuring sticks like CIS Benchmarks and the AWS Well-Architected Framework can reveal where you might have a misconfigured security setting. Compliance and posture management built into Sysdig Secure evaluates against best practice policies and reports violations in an ongoing stream. You can also now kick off a remediation flow to apply fixes to identified issues.
Monitor and troubleshoot Linux and containers
Sysdig uniquely provides both security and performance monitoring with a single agent and SaaS backend. Using Sysdig Monitor, AWS users who deploy Amazon Linux 2023 are able to keep track of performance, health, resource consumption, and more. DevOps teams can move from high-level overviews of clusters and nodes down to individual metrics and topology views enriched with clear cloud and Kubernetes context. To help you get more done, faster, capabilities like Advisor bubble up a prioritized list of issues, troubleshooting insights, and actionable steps for remediation.
Getting started with Amazon Linux 2023 and Sysdig
AWS and Sysdig collaborate to help you securely run containers and cloud services at scale. Amazon Linux 2023 advances security in the base operating system and with Sysdig you can cover the bases from source to run.
If you’re in search of a solution to visibility and security for your cloud hosts running Amazon Linux 2023, you can get started with Sysdig in minutes.