Hello from all of us at Sysdig!
April has been a busy month for the cloud-native community, so don’t miss our cloud-native highlights!
Sign up for our monthly Cloud-native News.
Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.
- Kubernetes 1.24 has been delayed to May 3rd.
- Hashicorp Vault 1.10 has been released.
- AWS Lambda now supports built-in https endpoints.
- Google Cloud EKM now has new functionalities.
- Prometheus 2.35 was released.
- Atlassian cloud outage hits 400 customers.
- Github copilot is now available for Visual Studio 2022.
What to look for when reviewing a company’s infrastructure?
What are the security critical components in a cloud environment? Discover how to assess the security of a multi-cloud SaaS with this structural approach.
NSA: Kubernetes hardening guidance
This guide goes through a Kubernetes cluster component-by-component, providing tips on how to secure them. Check it out!
The principle of ephemerality
Learn why the shorter the lifespan of things , the less risk they presents. This is the Principle of Ephemerality.
A journey to monitoring
Properly scaling up monitoring and alerting infrastructure is no trivial task. Don’t miss the Miro Data team’s journey to find out how they faced this challenge.
Getting ready for Kubernetes 1.24
Kubernetes 1.24 is going to be released next month, and it brings lots of changes.
The biggest of them is the removal of Dockershim. If you want to get introduced to the topic, check this comprehensive article on why this is a major change.
Don’t miss our compilation of all Kubernetes 1.24 new features and deprecations.
Analyze Okta Events with Falco
If your organization relies on Okta, find out how to detect threats from Okta Log Events using Falco.
OpenSSH SCP deprecation in RHEL 9
Discover the reasons for Red Hat to deprecate OpenSSH SCP in RHEL 9, and start adopting an alternative solution.
OPA Supply Chain Attacks
Learn how an attacker can abuse the Rego policy language to perform OPA Supply Chain Attacks.
Operation Jumbo Drop
Dig deep in the intricacies of how the AWS network works with this real-life story on how sending large packets broke a team’s AWS network.
What’s new with Sysdig?
Is your team drowning in container vulnerability noise?
We just announced Risk Spotlight, a new feature in Sysdig Secure that will help you eliminate noise and prioritize the vulnerabilities that really matter. Check it out!
While we are talking about vulnerability, read this guide to understand how vulnerability severity rating is calculated.
Understanding Kubernetes pod pending problems
Kubernetes pod pending is ubiquitous in every cluster. Discover why these problems happen and learn how to troubleshoot them.
Understanding and mitigating Spring4Shell
Two critical vulnerabilities in Spring libraries were reported in late March. Discover the differences and similarities between them, and how to mitigate its effects:
Digital Forensics Basics: A Practical Guide for Kubernetes DFIR
Discover what Digital Forensics and Incident Response (DFIR) is, and why DFIR for Kubernetes is so important.
Recent releases and ecosystem updates
Most Sysdig products received updates in the last few days: Sysdig Secure, Sysdig Monitor, Sysdig Agents, our CLI and tools, and much more. Read all about the interesting new features and ecosystem updates on our blog.