June 2022 Cloud-native news

Hello from all of us at Sysdig!

June has been a busy month for the cloud-native community. Don’t miss our cloud-native highlights!

It has been a busy month for Sysdig too, as we just released Drift Control to help you prevent container attacks on runtime with Sysdig Secure.

• The news
• Industry buzz
• Community tips
• What’s new with Sysdig?

Ping us @sysdig or on our open-source Sysdig Slack group to share your feedback and suggest topics for future issues! Previous editions are in the archive.

The news

• Target is jumping into multicloud.
• Rust is coming to the Linux Kernel.
• Sigstore introduced Gitsign to protect software supply chains.
• GitHub published Entitlements, its IAM solution.
• Google cloud announced confidential GKE nodes.
• Microsoft announced Azure Web Application Firewall and more!
• On July 5, AWSConfigRole will be deprecated.
• Terraform cloud adds drift detection.

Industry buzz

• A ‘311’ cybersecurity emergency call line for small businesses?
• Google Cloud security overview
• A deep dive into Temporal’s access control strategy in AWS
• SLSA: Securing the software supply chain
• A review of the AWS security model
• US Coast Guard warn of Log4Shell attacks after 130GB data breach in May

Community tips

Debugging containerd

Check these tips to debug containerd, the container runtime, on Kubernetes.

Secure SSH on EC2: What are the real threats?

What if your SSH port is accessible? Learn how critical this misconfiguration is.

Getting started with Rego

• Check this guide to write your first Rego rules.
• Don’t miss this style guide for Rego.

What the ReadOnlyAccess policy in AWS leaves open

Learn what unwanted permissions grant this policy that may impact security.

Enumeration and lateral movement in GCP environments

Read this example of infiltrating and performing lateral movement in Google Cloud.

Going secretless and keyless with Spiffe Vault

Discover how spiffe-vault can help you secure your supply chain.

More on KubeCon 2022

• Check out this recap from Loft.
• Don’t miss these talks around Prometheus.

What’s new with Sysdig?

Sysdig Announces Drift Control

Drift Control will help prevent container attacks at runtime. Teams can detect, prevent, and speed incident response for containers that were modified in production.

Additionally, Sysdig enhanced malware and cryptomining detection with new threat intelligence feeds from Proofpoint Emerging Threats (ET) Intelligence and the Sysdig Threat Research Team.

How to secure Amazon EC2 with Sysdig

Check out this comprehensive guide on how to secure EC2 on AWS.

How to monitor and troubleshoot Fluentd with Prometheus

Learn how to interpret Fluentd dashboards in Sysdig Monitor.

Recent releases and ecosystem updates

Read all about Sysdig’s interesting new features and ecosystem updates on our blog.