Introducing Sysdig’s Enhanced Searchable Inventory for Complete Cloud Visibility

By Daniel Simionato - SEPTEMBER 27, 2023

SHARE:

See how Sysdig’s improved inventory can help you find your way inside your ever-growing cloud infrastructure with minimal effort.

The challenge of visibility on the cloud

In a multi-cloud world, the challenge of maintaining end-to-end visibility can be overwhelming.

Visibility itself is essential to achieve security. After all, you can’t secure what you can’t see.

Throughout your day, you or your teams might ask:

  • How can I get a unified search experience to track resources from source (e.g., IaC manifests) to live assets running across multi-cloud and Kubernetes environments?
  • How can I identify which resources are adhering to my security and compliance policies and which ones are failing controls?
  • How do I prioritize which resources to fix first?

Navigating these various scenarios demands a solution that offers dynamic searchability and insights.

The Sysdig Secure Inventory gives you rapid access to the most relevant information on your cloud resources.

Introducing Inventory

Inventory is not another database or list of assets.

With Inventory, navigating the intricate network of your cloud resources becomes not just manageable, but intuitive.

It provides a seamless interface that marries comprehensive visibility with dynamic searchability, making it the cornerstone of effective cloud security posture management.

Inventory effectively combines Sysdig Secure’s extensive data sources into a single pane of glass. The resources are scanned and refreshed periodically while Sysdig correlates their metadata with vulnerability scan results, posture control evaluations, and even Runtime Insights, such as which packages are in use in a specific container.

Let’s dig deeper into a few illustrative examples.

Dynamic Inventory Search for Instant Visibility

Let’s say you are part of a security team in charge of multiple cloud accounts on AWS, Azure, and GCP.

Normally, to have visibility over all your cloud resources you would need to open three vastly different web interfaces, switching between multiple accounts and organizations, and navigating through the peculiarities of vendor-specific naming conventions and user interfaces.

If you wanted visibility into your code resources, you would probably need to dig around different git repositories trying to find what’s actually relevant.

With Inventory, all of this is reachable in just a few clicks. All cloud resources, including code resources like Kubernetes manifests or terraform templates, or artifacts like container images, are available in a single, sleek, searchable interface.

Inventory gives you a quick view on the resource’s types, their origin, and cloud security findings such as posture, vulnerabilities, and exposure to the internet.

Need to find a specific Kubernetes workload in the finance namespace?

You can apply a dynamic filter on the spot, without needing to specify on which cluster or even cloud provider that namespace is:

Now, let’s say you want to find all compute resources that are failing a specific posture control, like containers running as privileged.

Once again, the answer is just a filter away:

You can also get a precise list of your cloud(s) perimeter by filtering for all resources that are exposed to the internet:

Prioritizing In-Use Exposure via Runtime Insights

Inventory leverages Sysdig’s runtime insights to expand its search capabilities.

For example, if there is a new high-profile vulnerability with public exploits, you will need to quickly assess the scope of resources that might be affected in your infrastructure. You will then need to prioritize remediating those resources exposed to the internet and running vulnerable packages.

Typically, you would need to ask every team responsible for the instances what images they are running, if there is an SBOM available, or wait for vendor notes in case the instances are running third-party commercial software.

The end result would probably look like a spreadsheet with a lot of question marks and “TBD” cells. It would take no less than a couple of days, and would cause a lot of headaches as everyone is all hands on deck.

The same question answered with Inventory would look completely different. You could simply filter by resource type or category, add a filter for the desired vulnerability, and filter for publicly-exposed instances where the vulnerable package is in use. All that can be completed in less than a minute.

Adding runtime insights alongside data gathered from posture and vulnerability scans is what sets Inventory apart from other tools.

Conclusion

Unlike conventional solutions that rely solely on static posture checks, Inventory combines runtime insights, cloud integrations, vulnerability scans, and periodic cloud security posture controls in a single effective view.

Real-time information from the runtime agent and cloud integrations integrate seamlessly with our posture and vulnerability checks.

This integration not only grants unparalleled visibility into your environment, but also gives you meaningful context and findings across all your resources.

Inventory isn’t like any other tool that simply restates data; we augment each resource with precise context to help you quickly find what you’re looking for.

Its comprehensive cloud insights empower you to continuously safeguard your digital domain effectively.

If you want to learn more about Sysdig’s Enhanced Searchable Inventory:

Subscribe and get the latest updates