August 2021 cloud-native news

Hello from all of us at Sysdig!

Summer is almost gone, but don’t worry. While you were enjoying your vacation, we collected all the cloud-native news for you. Don’t miss our cloud-native highlights!

Sign up for our monthly Cloud-native News.

Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.

The news

Kubernetes 1.22 is out

In early August, Kubernetes 1.22 was released. Several old features are finally considered stable, like Server-side Apply and CSI Windows support. It also includes some exciting new enhancements, like enabling seccomp by default. Don’t miss our roundup of what’s new in Kubernetes 1.22?

Industry buzz

Defending against dependency confusion attacks

Learn how Twilio protected itself from a dependency confusion attack with a clean inventory of all the dependencies and by implanting new security controls.

Migrating to a Cloud-Edge Synergy architecture

Read this interesting story about how China Mobile deployed a KubeEdge cluster to ensure low network latency and a faster streaming data transmission. The article covers all the problems they faced and how they solved them.

What database should I use?

Find the right database solution with this article from Google Cloud, that guides you through the different databases, both relational and non-relational, and use-cases to help you find the right one. It also includes a nice diagram summarizing the guide.

Provide secure access to your internal applications

Don’t miss this inspiring story explaining how a SaaS company used AWS, Terraform, and Okta to build a highly secure application gateway for internal use that doesn’t require too much maintenance.

Visit our experts live & see our session: MITRE ATT&CK for Cloud
Sept. 14-15

Register Now →

Our Prometheus Monitoring Guide covers all the basics of Prometheus monitoring.

Read the guide →

Community tips

Safely storing Kubernetes secrets in Git

Take a look at how easy it is to encrypt (and decrypt) your Kubernetes secrets using Mozilla SOPS.

Understand Kubernetes CVE-2020-8562

Read this interesting article explaining a Kubernetes vulnerability that allows access to restricted networks. It includes diagrams and examples, and a temporary mitigation.

Configure your Docker image to access private resources

Learn how to safely use restricted information within Docker containers with Docker BuildKit, and how you can prevent the leaking of credentials used to configure your containers.

Use mutation policies in Kubernetes with Gatekeeper

Discover how to use this recent Gatekeeper feature (still in Alpha) to define a policy that can change Kubernetes resources based on different criteria.

Audit and secure an AWS account

Check out this exhaustive step-by-step guide on how to audit and secure an AWS account. It’s very well explained and full of examples.

What’s New with Sysdig?

Apolicy, welcome to the Sysdig family!

Sysdig has completed the acquisition of Apolicy to enable our customers to secure their infrastructure as code. We are very pleased to see the Apolicy team become part of the Sysdig family, bringing rich security DNA to our company.

Simplifying the Prometheus experience


This month, we announced several new and innovative features for our managed Prometheus service that can save you time and headache, including:


Our managed Prometheus service can save you time and headache, and includes:

OpenTelemetry for pushing metrics to Prometheus Remote Write

Learn how OpenTelemetry can be a great solution to send metrics to a Prometheus remote write endpoint, without needing to install and configure a service Prometheus instance.

Sysrv-Hello Botnet targeting WordPress pods

A WordPress container with default credentials. What could go wrong? Check how the Sysrv-Hello botnet targets these setups to crypto mine.

Securing AWS IAM with Sysdig Secure

IAM holds the keys to your AWS account. If it gets compromised, your whole cloud account will shortly follow. Discover how easy it is to secure this service with Sysdig.

Recent releases and ecosystem updates

Most Sysdig products received updates in the last few days: Sysdig Secure and the Sysdig Cloud Connector, Sysdig Agents, our CLI and tools, and much more. Read all about the interesting new features and ecosystem updates on our blog.

Stay safe. Meet us online:

Straight Talk for Government
Sept. 9

Register now →

DeveloperWeek Global: Cloud Conference
Sept. 14-15

Register now →

Simplifying the Prometheus Experience
Sept. 9 | 10am Pacific | 1pm Eastern

Learn more →

Modernize and Secure DevOps with Confidence
Sept. 16 | 10am Pacific | 1pm Eastern

Learn more →

Securing Infrastructure as Code via Open Policy Agent (OPA)
Sept. 23 | 10am Pacific | 1pm Eastern

Learn more →

Kubernetes Monitoring Best Practices
Sept. 30 | 10am Pacific | 1pm Eastern

Learn more →