IBM LinuxONE and Sysdig: Building cyber resilient systems in hybrid cloud environments

By Durgesh Shukla - SEPTEMBER 13, 2022


On September 13, 2022, IBM announced the latest IBM LinuxONE Emperor 4, a highly secured and sustainable Linux-based enterprise server designed for companies of all sizes. Sysdig with IBM LinuxONE provides unified visibility across workloads and cloud infrastructure through a single cloud-native monitoring and security platform.

IBM and Sysdig are helping clients, including those in heavily regulated industries such as financial services, to build a modern cyber resilient platform stack designed to improve security, business agility, and sustainability, and also reduce overall costs. Businesses can leverage the next generation of IBM LinuxONE’s highly secure and sustainable platform to deploy critical workloads, OpenShift clusters and others across hybrid cloud environment(s).

Phil Williams, Sysdig’s Senior Vice President of Strategic Alliances, quotes: “Our relationship with IBM for the IBM LinuxONE and IBM zSystems is a key component of our broader initiative for security that is rooted in open source. Sysdig is positioned as a technology partner to support IBM in the LinuxONE Emperor 4 server launch with its unified security and monitoring solution compatible with these secured and sustainability-oriented machines.”

IBM and Sysdig: Joint value creation

IBM LinuxONE Emperor 4 is designed to help companies of all sizes to build a highly secured, sustainability-focused, scalable, agile infrastructure. With IBM LinuxONE, businesses can:

  • Build a sustainable enterprise by reducing carbon footprint and costs
  • Develop a secure cyber-resilient system with privacy and protection
  • Deliver consistent transactional service levels with a massively scalable system

In synergy with IBM LinuxONE, Sysdig products can help customers build a security‑focused, Kubernetes‑based foundation for developing, deploying, and managing applications in containerized and cloud environments. Together, Sysdig and IBM deliver a cloud‑native monitoring and security platform to help clients confidently run containers, Kubernetes, Red Hat OpenShift, and Linux on the new IBM LinuxONE Emperor 4 servers.

IBM and Sysdig: Key use-cases

Here are a few business use-cases on how Sysdig running on IBM LinuxONE Emperor 4 can help organizations through a unified platform to deliver security, monitoring, and compliance functionality in a container and microservices-friendly architecture:

Security governance for workloads running on IBM LinuxONE servers

Set and enforce policies across containers, Kubernetes, Red Hat OpenShift Container Platform, and Linux hosts to maintain higher levels of security for IBM LinuxONE-based applications.

Image scanning and vulnerability management

Scan and block container vulnerabilities in the CI/CD pipeline and identify vulnerabilities in running images across containers, Kubernetes, Red Hat OpenShift and Linux workloads.

Runtime security for workloads running on Red Hat OpenShift or Kubernetes

Detect anomalous behavior with the Falco engine and prevent threats using Kubernetes native controls such as Pod Security Policies.

Continuous compliance and benchmarks validation

Help ensure compliance across the container lifecycle for standards like NIST, PCI, GDPR, and HIPAA. Validate that configurations at every logical layer of your infrastructure meet security best practices based on CIS Benchmarks for Kubernetes and Linux.

Prometheus-based monitoring for IBM LinuxONE

Deep visibility for containers and Kubernetes – allowing for troubleshooting and customization of metrics.

Audit and forensics

Reconstruct system activities correlated with Kubernetes application context for forensics and incident response.

Ecosystem Partnership with IBM

Sysdig is excited to be working closely with the IBM ecosystem to bring new innovations to our joint clients. Customers can benefit from open standards and an ecosystem that LinuxONE offers including linux-based applications, modern DevOps and a variety of popular software. This can also help to address operational barriers when customers deploy and manage technologies on cloud-native infrastructure. Check out the following resources to learn more:

Additional resources 

Subscribe and get the latest updates