July 2022 Cloud-native news

Hello from all of us at Sysdig!

July is bringing some crazy weather all around the globe, we hope you are all safe. Maybe you can find some cover in the cloud, with our cloud-native highlights!

It has been a busy month for Sysdig too, as we just released Drift Control to help you prevent container attacks on runtime with Sysdig Secure.

Sign up for our monthly Cloud-native News.

Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.

The news

Industry buzz

Fallacies of distributed systems

Check this analysis of when the theory of distributed systems meets with reality.

Google cybersecurity action team threat horizons report #3

Don’t miss these highlights, like common ways to install cryptominers.

Optimizing CI/CD credential hygiene

Discover ways to obtain credentials in this comparison of CI/CD solutions.

Shift left on Google Cloud security: Invest now, save later

Learn ways to shift left in Google Cloud, and the impact of detecting issues earlier.

How can SOC analysts use the cyber kill chain?

Discover how this framework helps explain how a specific cyber-attack is executed.

Ongoing phishing campaign can bypass your MFA protection

Dig into how this ongoing campaign works.

And remember, MFA is important, it prevents attacks.

Community tips

MitM at the edge: Abusing Cloudflare workers

Learn how this serverless service can be used to compromise your account.

Cloud design patterns

Check this guide from Microsoft on patterns that solve common cloud problems.

Using exposed Kubernetes and Prometheus to exploit clusters

What information provides several exposed services? Discover what exploits they enable.

Also check a similar analysis for a Prometheus server from a KubeCon talk.

How to monitor Nginx in Kubernetes with Prometheus

Planning to monitor Nginx? Dig into the most common metrics to look at.

Awesome cloud native trainings

Don’t miss this list of great training resources, recently updated with AWS free courses.

What’s new with Sysdig?

Collect critical AWS metrics faster with Sysdig

With Sysdig Monitor support for Amazon CloudWatch Metric Streams, you’ll be able to ingest metrics from AWS CloudWatch in real time.

Adapting security to Amazon EKS Anywhere on Bare Metal

Read more on how Sysdig supports this recently launched service.

Detecting suspicious activity on AWS using cloud logs

Finding high-risk events in cloud and container environments is often described as finding a needle in a haystack, but it doesn’t have to be.

Sysdig’s Drift Control coverage in the press

How to secure Kubernetes deployment with signature verification

Learn step-by-step how to implement a secure Kubernetes deployment.

Recent releases and ecosystem updates

Read all about Sysdig’s interesting new features and ecosystem updates on our blog.