Hello from all of us at Sysdig!
July is bringing some crazy weather all around the globe, we hope you are all safe. Maybe you can find some cover in the cloud, with our cloud-native highlights!
It has been a busy month for Sysdig too, as we just released Drift Control to help you prevent container attacks on runtime with Sysdig Secure.
Sign up for our monthly Cloud-native News.
Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.
The news
- Prometheus 2.37 is out! And it’s the first LTS version.
- Cyber Safety Review Board’s first report covers Log4j.
- The SLSA 3 go builder for Github Actions is out!
- Less than one year until TLS 1.2 is required for AWS API endpoints.
- Upcoming changes to Service Account Tokens in GKE with K8s 1.21.
- The Azure Developer CLI (azd) is a faster way to build apps for the cloud.
- Take the 2022 CNCF cloud native survey by August 1st!
Industry buzz
Fallacies of distributed systems
Check this analysis of when the theory of distributed systems meets with reality.
Google cybersecurity action team threat horizons report #3
Don’t miss these highlights, like common ways to install cryptominers.
Optimizing CI/CD credential hygiene
Discover ways to obtain credentials in this comparison of CI/CD solutions.
Shift left on Google Cloud security: Invest now, save later
Learn ways to shift left in Google Cloud, and the impact of detecting issues earlier.
How can SOC analysts use the cyber kill chain?
Discover how this framework helps explain how a specific cyber-attack is executed.
Ongoing phishing campaign can bypass your MFA protection
Dig into how this ongoing campaign works.
And remember, MFA is important, it prevents attacks.
Community tips
MitM at the edge: Abusing Cloudflare workers
Learn how this serverless service can be used to compromise your account.
Cloud design patterns
Check this guide from Microsoft on patterns that solve common cloud problems.
Using exposed Kubernetes and Prometheus to exploit clusters
What information provides several exposed services? Discover what exploits they enable.
Also check a similar analysis for a Prometheus server from a KubeCon talk.
How to monitor Nginx in Kubernetes with Prometheus
Planning to monitor Nginx? Dig into the most common metrics to look at.
Awesome cloud native trainings
Don’t miss this list of great training resources, recently updated with AWS free courses.
What’s new with Sysdig?
Collect critical AWS metrics faster with Sysdig
With Sysdig Monitor support for Amazon CloudWatch Metric Streams, you’ll be able to ingest metrics from AWS CloudWatch in real time.
Adapting security to Amazon EKS Anywhere on Bare Metal
Read more on how Sysdig supports this recently launched service.
Detecting suspicious activity on AWS using cloud logs
Finding high-risk events in cloud and container environments is often described as finding a needle in a haystack, but it doesn’t have to be.
Sysdig’s Drift Control coverage in the press
- Sysdig Secure update adds the ability to stop container attacks at runtime.
- Sysdig takes a deeper cut at Cloud Security
How to secure Kubernetes deployment with signature verification
Learn step-by-step how to implement a secure Kubernetes deployment.
Recent releases and ecosystem updates
Read all about Sysdig’s interesting new features and ecosystem updates on our blog.