July 2021 cloud-native news

Hello from all of us at Sysdig!

July has been a busy month in the cloud-native community. At Sysdig, we announced our plan to acquire Apolicy. We are excited to join forces with the talented Apolicy team to help customers secure Infrastructure as Code.

• The news
• Industry buzz
• Community tips
• What’s new with Sysdig?
• Meet us online

---

---

Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.

The news

• Falco 0.29 released.
• OpenShift 4.8 released.
• Rocky Linux (CentOS replacement) 8.4 GA available.
• Cloud Custodian 0.9.12 released.
• MITRE ATT&CK mappings released for built-in Azure security controls.
• New Terraform provider for Google Workspace announced.
• Flux2 0.16 released. Flux APIs are now stable.

Industry buzz

Microsoft $10 billion contract with Pentagon, canceled

The DoD called off the $10 billion cloud contract that was the subject of a legal battle involving Amazon and Microsoft. The Pentagon announced plans for a multi-vendor project.

Going serverless on AWS

Read this interesting story about a company’s journey from classic architecture to a serverless one. It covers all the steps they went through, from code organization to testing.

Web Assembly on the cloud

Don’t miss this article about the importance of running Web Assembly on the server-side, and how it can potentially revolutionize the cloud development industry.

State of Kubernetes security report

Take a look at the state of Kubernetes security report, based on the results from more than 500 DevOps, engineering, and security professionals surveys.

Community tips

Add eBPF Observability To Your Product

Check out this step-by-step guide of how to add eBPF observability to your product with open-source, with several tips to improve your results over time.

Docker vulnerability led to deleting a MongoDB database

Learn from the experience of this author, who had a MongoDB database deleted due to an old Docker vulnerability, causing the system firewall to silently fail.

Run scheduled tasks in AWS

Read this interesting tutorial on how to run cron jobs in AWS using Terraform. Besides the examples, it also comes with a repository containing all the code ready to try!

Falco with Google Cloud Functions

In case you missed it, Falcosidekick received a new output type support for Cloud Functions and Cloud Run. They wrote about how to detect and delete a compromised pod with Cloud Functions, and also with Cloud Run.

Kubernetes multicluster with direct communication

Learn how to create multiple Kubernetes clusters locally and establish direct communication between them with Kind and Submariner.

Automatic Google Drive backups into S3

Don’t miss this fantastic article describing how to add resiliency to your personal files stored in GDrive, by backing them up in S3 using ECS and Terraform.

What’s New with Sysdig?

Sysdig announces intent to acquire Apolicy…

For Infrastructure as Code Security with Auto Remediation. Learn how Apolicy is a key building block to delivering on our secure DevOps vision, and how the Apolicy team also strengthens Sysdig’s deep expertise in Kubernetes and cloud security.

How to establish a culture of Secure DevOps

Shifting left security requires a culture of Secure DevOps. Discover how an “internship program” can catalyze such a change in your company’s culture.

New crypto mining attack targeting Kubeflow and TensorFlow

Despite the value drop in cryptocurrency, your infrastructure is still free money for attackers. Read about what makes these attacks noteworthy.

Monitoring availability metrics with Blackbox exporter and Sysdig

Learn how to leverage the Prometheus Blackbox exporter, allowing endpoints exploration over several protocols, such as HTTP(S), DNS, TCP, and ICMP.

Recent releases and ecosystem updates

Most Sysdig products received updates in the last few days: Sysdig Secure and the Sysdig Cloud Connector, Sysdig Agents, our CLI and tools, and much more. Read all about the interesting new features and ecosystem updates on our blog.

Stay safe. Meet us online: