

This is a guest blog by Ashu Deep Saxena (Senior Practice Lead, Cloud Modernization, Coforge, a Sysdig GSI partner) with inputs from Sandeep Kumar (Lead Solution Architect, Sysdig) and Durgesh Shukla (Sr. PMM, Sysdig).
The desire to take advantage of the modern cloud-native paradigm has forced many enterprises to rush to production with Kubernetes and containerized applications. Often, the incorrect expectation with cloud-native adoption is that Ops teams would be able to easily transition their existing security and operational practices, workflows and tooling to these new software development platforms and everything would still work as before.
However, containers and microservices add new abstractions that make it very hard to gain visibility into what is going on in your applications. The ephemeral nature of containers combined with the black-box nature of the available tools means that deep data for analyzing security incidents, compliance violations, or performance issues becomes incredibly hard to obtain.

Older puzzles with newer added complexities
There has been great progress made in the information technology world over the last few years. But with all the technological advancements, threats with regard to cybersecurity and information security have also grown exponentially. They have rightfully become key discussion items for CIOs and IT leaders, and here are some examples of why:
- Cloud services such as serverless functions and managed container services add instrumentation requirements for customers with regard to monitoring.
- The underlying constructs of containers and orchestrator-driven microservices differ greatly from VM or server-based applications. In most cases, legacy security and performance management tools cannot provide context to understand systems risk, health, and performance.
- Kubernetes, one of the central technologies of cloud-native architectures, is not secure by default in its current state, particularly because containers share a kernel. Kubernetes also has issues with privilege escalation, where vulnerabilities and exploits lead to unauthorized intrusions into containers.
Hence, there is an acute need for better tools that are able to cope with the complexities and risks associated with the changed security, compliance and monitoring requirements of consumers.

Coforge's experiences in cloud adoption and operations
Coforge (formerly NIIT Technologies) has strong roots in technology education and was in fact founded as an IT Training company in 1981. NIIT Limited expanded its services within a few years to include consulting, software solutions and business process outsourcing. Coforge is uniquely positioned to assist customers adopting cloud and containers:
- With 2000+ cloud professionals, Coforge globally supports 250+ customers with a strong focus on the Insurance, Travel, Transportation & Hospitality, Banking and Financial Services industries. The company has recently made forays into the Retail, Public Sector, Healthcare & Life Sciences, Hi-Tech and Manufacturing industries as well to solve complex digitization challenges.
- 20,000+ Coforge associates are spread across 25 delivery centers to provide innovation and speed to market, achieve modernization and transformation, and deliver superior solutions.
To ensure that customers get the best-of-breed solutions, Coforge evaluates multiple tools and then helps customers with services to adopt and operate these tools. As an example, for cloud security and visibility, it based its tool evaluation on subjective and weighted criteria such as:
- Intrusion detection capability, recording capability and operational management
- Simplicity to deploy, run and scale
- Open-source vs closed-source
- Incident response and forensics capabilities
- One-stop solution
Eventually, after multiple proof-of-concept studies, Coforge decided to adopt Sysdig to power its container solutions and services, with some of the important reasons highlighted below:
- Sysdig has consistently shown thought leadership and is driving the standard for cloud and container security.
- With the Sysdig platform, customers can easily find and focus on issues that leave an organization open to a security incident and indicators of a potential attack.
- Teams can detect and respond to threats and anomalies, find, prioritize and fix application vulnerabilities and manage cloud configurations, permissions and compliance.
- The Sysdig platform provides a single view of risk across cloud and container environments with no blind spots. The platform is built on open standards that make it easier to integrate with existing tools.

How customers can benefit from the partnership
Coforge and Sysdig have a strategic partnership rooted in a common value set of enabling customer success in the new cloud-native paradigm. This partnership is designed to help customers easily migrate workflows and transition to applications built on top of container and cloud services.
Coforge's container services help customers across all the stages of their container adoption journey. This includes adoption strategy & assessment, design & implementation of different container platforms, deployment/migration & management of applications in containers.
With Coforge's deep domain expertise and capabilities in cloud, infrastructure & application modernization backed by Sysdig's security and monitoring prowess, customers can rest assured that a best-in-class solution is being tailored to their unique observability, security, and compliance needs. Coforge has further invested to build a team of cloud security experts with a deep understanding of the cloud-native ecosystem and Sysdig platform to help customers.

To reiterate, some of the best features of the Sysdig platform include the ability to:
- Detect misconfigurations from IaC source files to cloud services with a unified policy.
- Detect and respond to runtime threats across containers, hosts and cloud.
- Unify vulnerability management across containers and hosts, and better prioritize vulnerabilities based on runtime context and risk.
- Enforce least-privilege access policies with Cloud Infrastructure Entitlements Management (CIEM) to reduce cloud risks.
- Achieve compliance by using out-of-the-box checks to meet regulatory standards (CIS benchmarks, NIST 800-53, SOC2, PCI-DSS, etc.) for containers and cloud. Enable File Integrity Monitoring (FIM) for containers and hosts.
- Monitor containers, Kubernetes, and cloud services: maximize performance & ensure availability of cloud-native applications by monitoring & troubleshooting using granular data with cloud & Kubernetes context.
Together, Sysdig and Coforge enable customers to take advantage of the things the cloud is optimized to do: develop and deliver rapidly, innovate continuously, scale business and technology operations, trade capital expenses for operational ones, and do it all with the security and visibility needed to protect users, data, and resources.