Today we are very excited to announce our latest release — Sysdig Secure 2.3! In this version of Sysdig Secure, we have invested heavily in hardening the compliance posture of Kubernetes, Docker configurations, and container images. We have released a set of features that provide compliance-focused image scanning, guided remediation, compliance dashboards, and more. All of these capabilities serve the purpose of helping your DevOps and application teams protect your container environments and ensure best-in-class security and compliance across the entire container lifecycle.
Let’s dive into what’s new in 2.3!
Support for New Compliance Frameworks (NIST 800-190, PCI)
Sysdig Secure 2.3 introduces new scanning policies for the NIST 800-190 and PCI compliance frameworks, along with improvements to the existing CIS and Dockerfile best-practice policies. These out-of-the-box policies allow customers to enforce and adhere to various compliance standards and provide additional checks for their container images running in Kubernetes and OpenShift environments.
Read more about our container and Kubernetes compliance solutions.
Guided Remediation for Kubernetes and Docker Compliance
DevOps teams want to know what’s needed to fix their Kubernetes cluster configuration and ensure it adheres to compliance controls. In the event of a Kubernetes or Docker benchmark configuration drift, users can leverage guided remediation tips in Sysdig to apply best practices for maintaining compliance and reduce the time spent trying to fix the problem themselves.
Industry’s First Compliance Dashboards Available in Sysdig Monitor
Sysdig is the first in the industry to have compliance dashboards for tracking Kubernetes and Docker compliance posture against the CIS benchmark. Users now have access to more than 90 new compliance-related metrics within Sysdig Monitor. This feature allows enterprise IT teams to easily understand their compliance posture via intuitive and customizable dashboards that display patterns such as pass/fail percentages and benchmark trends over time. Also, as a freebie for existing Sysdig Monitor customers, these compliance dashboards will be available by default.
Support for Kubernetes Audit Dashboards in Sysdig Monitor
In the Secure 2.2 release, we highlighted the capability of Kube-audit metrics to be ingested into Sysdig Secure to provide an additional feed of events that could be monitored for suspicious behavior. In Secure 2.3, enterprise users who also leverage Sysdig Monitor can visualize Kube-audit metrics on the Sysdig Monitor dashboards. This allows enterprises to gain visibility into the audit streams of their Kubernetes environments and assess the performance, compliance, and security posture of their environment from a single dashboard.
SIEM Enrichment Capability
Secure 2.3 now integrates with Splunk and Syslog to enrich log data that is sent to the SIEM providers. This reduces alert fatigue and allows SOC analysts to prioritize alerts based on Sysdig-triggered events. It also helps improve traditional threat hunting activities by enriching known IOCs and adding threat intelligence context.
Enhanced Vulnerability Management with Snyk Integration
From a scanning perspective, Secure now ingests feeds from Snyk, which is an open-source vulnerability management tool. With the integration of Snyk, Sysdig Secure customers now have visibility into vulnerabilities in their repositories for non-OS-based packages (Python, NPM, Ruby, etc.). Dependencies are tested against Snyk’s comprehensive vulnerability database to ensure that no dependency flaws exist.
If you’re at RSA, stop by Marriott Marquis, Kiosk #37 to learn more about these features and see them in action!
Join our webinar on March 21, “Sysdig and AWS: 4 Best Practices to Meet Compliance Requirements in Kubernetes Environments.” Register now!
If you won’t be at RSA, but you would like to learn more or schedule a demo, get in touch with us!