February 2021 cloud-native news

Hello from all of us at Sysdig!

February has been a busy month in the cloud-native community. We, at Sysdig, are excited to announce a new version of the Sysdig Admission Controller that makes deployments secure by default. Don’t miss our cloud-native highlights!

Sign up for our monthly Cloud-native News.

Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.

The news

Industry buzz

Investments and dealmaking around Kubernetes

Kubernetes security is trendy and everyone wants a piece of the cake. We’re only two months into 2021 and there have been plenty of deals already.

DDoS attacks in 2020

The prevalence of Distributed DDoS attacks in 2020 grew by more than 50%. Check out this report from Azure, reviewing 2020’s trends and insights on this kind of attack.

Build pipelines attack

The software build process is often overlooked. Take a look at the U.S. government warnings and recommendations on the topic.

Check out a real example of how vulnerable development pipelines could compromise your organization.

Kubernetes in Nvidia’s GPU hardware

Nvidia has been using Kubernetes internally for years to apply the technology to intense GPU workloads.

Kubernetes attacks:
What your cluster is trying to tell you

Feb. 25 | 10am Pacific | 1pm Eastern

” rel=”noopener noreferrer”>Register Now →

Mercari uses Sysdig to secure the most widely used flea market app in Japan

Read Now →

Community tips

Crypto-mining attacks are getting sophisticated

Read this astonishing story about a crypto-mining attack. It started as an innocent pull-request that silently triggered a Github action.

Building container images without Docker

Learn how to use go-containerregistry to build container images programmatically by using Go.

Making containers die faster

Check out this empiric scenario on how killing containers manually can lead to faster boot times and fewer blocked resources in our cluster.

Bad pods: Kubernetes pod privilege escalation

Review, with several scenarios, what the worst things that can happen are when you don’t follow the deployment security best practices.

How to detect sudo’s CVE-2021-3156 using Falco

A heap overflow vulnerability allows privilege escalation on sudo. Learn how it works and how to detect such an exploit with Falco.

Recently, Amazon released new versions of their Linux images shipping an updated kernel without this vulnerability.

Awesome Falco resources

Check out this curated list of Falco-related tools, frameworks, and articles on GitHub.

Pop and Falco on the Kubelist Podcast

Listen to this interview with Dan “Pop” Papandrea in which he talks about Falco and the importance of runtime monitoring for security.

Using Falco with Kubernetes audit logs

Check out how to integrate the Kubernetes audit logs with Falco to detect suspicious activity in your cluster.


What’s New with Sysdig?

New Admission Controller (beta)

We have released a new version of the Sysdig Admission Controller (still in testing stage) that enables you to not only detect and get security reports, but to take direct actions using a new user interface.

Take a look at this video explaining how the new user interface works.

If you want to learn more about Kubernetes Admission Controllers, we can tell you how it works in 5 minutes.

Detecting MITRE ATT&CK defense evasion

Learn how to stay ahead of attackers, detecting them when they try to bypass your defenses.

Runtime security in Azure Kubernetes Service

Already implemented image scanning, and want to take security on your Azure container infrastructure a bit further? Check how you can implement runtime security for AKS with Sysdig and Falco rules.

How to monitor AWS SQS with Prometheus

Don’t miss these topics on how to monitor AWS SQS, and how to use Prometheus to track all your cloud services in a single pane of glass.

Recent releases and ecosystem updates

Most Sysdig products received updates in the last few days: Sysdig Secure, Sysdig Monitor, our Falco rules, new resources, and much more. Read all about the interesting new features and ecosystem updates on our blog.


Stay safe. Meet us online:

Kubernetes attacks:
What your cluster is trying to tell you
Feb. 25 | 10am Pacific | 1pm Eastern

Register Now →

See Sysdig at Microsoft Ignite
Mar. 2 – 4, 2021

Register Now →

Container security best practices on Azure Kubernetes Service
Mar. 4 | 10am Pacific | 1pm Eastern

Register Now →

Accelerate your FedRAMP journey for container security
Mar. 11 | 10am Pacific | 1pm Eastern

Register Now →

Red Hat Summit
Apr. 27 – 28, 2021

See the Schedule →

AWS Summit
Apr. 2021

See the Schedule →