Today we are very excited to announce our latest release — Sysdig Secure 2.3! In this version of Sysdig Secure, we have invested heavily in hardening the compliance posture of Kubernetes, Docker configurations, and container images. We have released a set of features that provide compliance focused image scanning, guided remediation, compliance dashboards, and more. All of these capabilities serve the purpose of helping your DevOps and application teams protect your container environments and ensure best-in-class security and compliance across the entire container lifecycle. Let’s dive into what’s new in 2.3!
Support for New Compliance Frameworks (NIST 800-190, PCI)
Sysdig Secure 2.3 introduces new Kubernetes security scanning policies for NIST 800-190 and PCI compliance frameworks along with improvements to existing CIS and Dockerfile best practices. These out-of-the-box policies allow customers to enforce and adhere to various compliance standards and provide additional checks for their container images running in Kubernetes and Openshift environments. Read more about our container and Kubernetes compliance solutions.
Guided Remediation for Kubernetes and Docker Compliance
DevOps teams want to know what’s needed to fix their Kubernetes cluster configuration and ensure it adheres to compliance controls. In the event of a Kubernetes or Docker benchmark configuration drift, users can leverage guided remediation tips in Sysdig to apply best practices for maintaining compliance and reduces time spent trying to fix the problem themselves.{#}
Industry’s First Compliance Dashboards Available in Sysdig Monitor
Sysdig is the first in the industry to have compliance dashboards for tracking Kubernetes and Docker compliance posture against the CIS benchmark. Users now have access to more than 90+ new compliance related metrics within Sysdig Monitor. This feature allows enterprise IT teams to easily understand their compliance posture via intuitive and customizable dashboards that display patterns such as pass/fail percentages and benchmark trends over time. Also, as a freebie – for existing Sysdig Monitor customers, these compliance dashboards will be available by default.
Support for Kubernetes Audit Dashboards in Sysdig Monitor
In the Secure 2.2 release, we highlighted the capability of Kube-audit metrics to be ingested into Sysdig Secure to provide an additional feed of events that could be monitored for suspicious behavior. In Secure 2.3, enterprise users who also leverage Sysdig Monitor can visualize Kube-audit metrics on the Sysdig monitor dashboards. This allows enterprises to gain visibility into the audit streams of their Kubernetes environments and assess their performance, compliance, and security posture of their environment from a single dashboard.SIEM Enrichment Capability
Secure 2.3 now integrates with Splunk and Syslog to enrich log data that is sent to the SIEM providers. This reduces alert fatigue and allows SOC analysts to prioritize alerts based on Sysdig triggered events. It also helps improve traditional threat hunting activities by enriching known IOC’s and adding threat intelligence context.